CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-39238
https://notcve.org/view.php?id=CVE-2021-39238
Certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, HP PageWide Managed products may be vulnerable to potential buffer overflow. Determinados productos HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide y HP PageWide Managed pueden ser vulnerables a un posible desbordamiento del búfer • https://support.hp.com/us-en/document/ish_5000383-5000409-16 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3705
https://notcve.org/view.php?id=CVE-2021-3705
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset the device. Se han detectado posibles vulnerabilidades de seguridad en una determinada impresora HP LaserJet Pro que pueden permitir a un usuario no autorizado reconfigurar, restablecer el dispositivo • https://support.hp.com/us-en/document/ish_4411563-4411589-16/hpsbpi03741 •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29212 – Hewlett Packard Enterprise iLO Amplifier Pack backup Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-29212
A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code leading complete impact to confidentiality, integrity, and availability of the iLO Amplifier Pack appliance. Se ha identificado una vulnerabilidad de seguridad de salto de directorio no autenticado en HPE iLO Amplifier Pack versiones 1.80, 1.81, 1.90 y 1.95. La vulnerabilidad podría ser explotada remotamente para permitir que un usuario no autenticado ejecute código arbitrario, conllevando un impacto completo en la confidencialidad, integridad y disponibilidad del dispositivo iLO Amplifier Pack This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise iLO Amplifier Pack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the backup endpoint. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04189en_us https://www.zerodayinitiative.com/advisories/ZDI-21-1278 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3704
https://notcve.org/view.php?id=CVE-2021-3704
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the device. Se han detectado posibles vulnerabilidades de seguridad en una determinada impresora HP LaserJet Pro que pueden permitir una denegación de servicio en el dispositivo • https://support.hp.com/us-en/document/ish_4411563-4411589-16/hpsbpi03741 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-3440
https://notcve.org/view.php?id=CVE-2021-3440
HP Print and Scan Doctor, an application within the HP Smart App for Windows, is potentially vulnerable to local elevation of privilege. HP Print and Scan Doctor, una aplicación dentro de HP Smart App para Windows, es potencialmente vulnerable a una elevación local de privilegios • https://support.hp.com/us-en/document/ish_4120228-4120263-16/hpsbpi03727 •