CVSS: 7.8EPSS: 0%CPEs: 774EXPL: 0CVE-2022-27541
https://notcve.org/view.php?id=CVE-2022-27541
12 Jun 2023 — Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. • https://support.hp.com/us-en/document/ish_7709808-7709835-16/hpsbhf03835 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 774EXPL: 0CVE-2022-27539
https://notcve.org/view.php?id=CVE-2022-27539
12 Jun 2023 — Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. • https://support.hp.com/us-en/document/ish_7709808-7709835-16/hpsbhf03835 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 754EXPL: 0CVE-2021-3439
https://notcve.org/view.php?id=CVE-2021-3439
30 Jan 2023 — HP has identified a potential vulnerability in BIOS firmware of some Workstation products. Firmware updates are being released to mitigate these potential vulnerabilities. • https://support.hp.com/us-en/document/ish_3982318-3982351-16/hpsbhf03735 •
CVSS: 7.8EPSS: 0%CPEs: 386EXPL: 0CVE-2021-3809
https://notcve.org/view.php?id=CVE-2021-3809
30 Jan 2023 — Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities. • https://support.hp.com/us-en/document/ish_6184733-6184761-16/hpsbhf03788 •
CVSS: 7.8EPSS: 0%CPEs: 386EXPL: 0CVE-2021-3808
https://notcve.org/view.php?id=CVE-2021-3808
30 Jan 2023 — Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities. • https://support.hp.com/us-en/document/ish_6184733-6184761-16/hpsbhf03788 •
CVSS: 8.4EPSS: 0%CPEs: 150EXPL: 0CVE-2022-37018
https://notcve.org/view.php?id=CVE-2022-37018
21 Nov 2022 — A potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerability. Se ha identificado una vulnerabilidad potencial en el BIOS del sistema para ciertos productos de PC HP que puede permitir la escalada de privilegios y la ejecución de código. HP está lanzando actualizaciones de firmware para mitigar la vulnerabilidad potencial. • https://support.hp.com/us-en/document/ish_7191946-7191970-16/hpsbhf03820 •
CVSS: 7.8EPSS: 0%CPEs: 481EXPL: 0CVE-2022-1038
https://notcve.org/view.php?id=CVE-2022-1038
21 Nov 2022 — A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software. Se ha identificado una posible vulnerabilidad de seguridad en el software HP Jumpstart, que podría permitir una escalada de privilegios. HP recomienda que los clientes desinstalen HP Jumpstart y utilicen el software myHP. • https://support.hp.com/us-en/document/ish_6189329-6189528-16/hpsbhf03791 •
CVSS: 9.0EPSS: 0%CPEs: 206EXPL: 0CVE-2019-16284
https://notcve.org/view.php?id=CVE-2019-16284
05 Nov 2019 — A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250. Ha sido identificada una potencial vulnerabilidad de seguridad en múltipl... • https://support.hp.com/rs-en/document/c06456250 •
CVSS: 5.5EPSS: 0%CPEs: 29EXPL: 2CVE-2017-8360
https://notcve.org/view.php?id=CVE-2017-8360
12 May 2017 — Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. In mictray64.exe (mic tray icon) 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: debug messages accessible to any process that is running in the current user session, and filesystem access to C:\Users\Public\MicTray.log by any process. La tarea mictray64 de Conexant Systems, tal como es usada e... • http://www.securitytracker.com/id/1038527 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •