Page 5 of 24 results (0.008 seconds)

CVSS: 7.8EPSS: 0%CPEs: 481EXPL: 0

A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software. Se ha identificado una posible vulnerabilidad de seguridad en el software HP Jumpstart, que podría permitir una escalada de privilegios. HP recomienda que los clientes desinstalen HP Jumpstart y utilicen el software myHP. • https://support.hp.com/us-en/document/ish_6189329-6189528-16/hpsbhf03791 •

CVSS: 5.5EPSS: 0%CPEs: 29EXPL: 2

Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. In mictray64.exe (mic tray icon) 1.0.0.46, a LowLevelKeyboardProc Windows hook is used to capture keystrokes. This data is leaked via unintended channels: debug messages accessible to any process that is running in the current user session, and filesystem access to C:\Users\Public\MicTray.log by any process. La tarea mictray64 de Conexant Systems, tal como es usada en los sistemas HP Elite, EliteBook, ProBook y ZBook, filtra datos confidenciales (keystrokes) a cualquier proceso. En mictray64.exe (mic tray icon) versión 1.0.0.46, un hook de Windows en LowLevelKeyboardProc es usado para capturar las pulsaciones de teclas (keystrokes). • http://www.securitytracker.com/id/1038527 https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 4%CPEs: 39EXPL: 0

The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows remote attackers to modify data or cause a denial of service, or execute arbitrary code, via unspecified vectors. Vulnerabilidad en el módulo HP lt4112 LTE/HSPA+ Gobi 4G con firmware anterior a 12.500.00.15.1803 en dispositivos Thin Client EliteBook, ElitePad, Elite, ProBook, Spectre, Zbook y mt41, permite a atacantes remotos modificar los datos, provocar una denegación de servicio o ejecutar código arbitrario a través de vectores no especificados. • http://www.securityfocus.com/bid/76176 http://www.securitytracker.com/id/1033414 http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-446601.htm https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773272 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773272 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.9EPSS: 0%CPEs: 39EXPL: 0

The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows local users to gain privileges via unspecified vectors. Vulnerabilidad en el módulo HP lt4112 LTE/HSPA+ Gobi 4G con firmware anterior a 12.500.00.15.1803 en dispositivos Thin Client EliteBook, ElitePad, Elite, ProBook, Spectre, Zbook y mt4, permite a usuarios locales obtener privilegios a través de vectores no especificados. • http://www.securityfocus.com/bid/76171 http://www.securitytracker.com/id/1033414 http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-446601.htm https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773272 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773272 • CWE-264: Permissions, Privileges, and Access Controls •