2455 results (0.002 seconds)

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

15 Aug 2025 — A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability. • https://support.hp.com/us-en/document/ish_12893367-12893393-16/hpsbhf04044 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

30 Jul 2025 — Certain HP LaserJet Pro printers may be vulnerable to information disclosure when a non-authenticated user queries a device’s local address book. Algunas impresoras HP LaserJet Pro pueden ser vulnerables a la divulgación de información cuando un usuario no autenticado consulta la libreta de direcciones local de un dispositivo. • https://support.hp.com/us-en/document/ish_12807011-12807034-16/hpsbpi04040 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

28 Jul 2025 — A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm (DSA). Se ha identificado una posible vulnerabilidad de seguridad en HP Linux Imaging and Printing Software documentation. Esta vulnerabilidad se debe al uso de una clave de firma de código débil, el algoritmo de firma digital (DSA). • https://support.hp.com/us-en/document/ish_12804224-12804228-16/hpsbpi04033 • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

05 Jun 2025 — A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write. • https://support.hp.com/us-en/document/ish_12617979-12618008-16/hpsbgn04022 • CWE-281: Improper Preservation of Permissions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

18 Apr 2025 — A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for certain HP PC products with versions prior to 4.2.2439. This vulnerability could potentially allow a local attacker to escalate privileges. HP is providing software updates to mitigate this potential vulnerability. Se ha identificado una posible vulnerabilidad de seguridad en HP Touchpoint Analytics Service para ciertos productos de PC HP con versiones anteriores a la 4.2.2439. Esta vulnerabilidad podría permit... • https://support.hp.com/us-en/document/ish_12269975-12269997-16/hpsbgn04008 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

14 Feb 2025 — Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP LaserJet Pro MFP 3301fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of PostScript data. The issue results from the lack of p... • https://support.hp.com/us-en/document/ish_11953771-11953793-16/hpsbpi04007 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

14 Feb 2025 — Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. This vulnerability allows local attackers to escalate privileges on affected installations of HP LaserJet Pro MFP 3301fdw printers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the suidex... • https://support.hp.com/us-en/document/ish_11953771-11953793-16/hpsbpi04007 • CWE-121: Stack-based Buffer Overflow •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

14 Feb 2025 — Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP LaserJet Pro MFP 3301fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of PostScript data. The issue results from the lack of p... • https://support.hp.com/us-en/document/ish_11953771-11953793-16/hpsbpi04007 • CWE-121: Stack-based Buffer Overflow •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

05 Feb 2025 — A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in Poly Edge E devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure. A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure. • https://support.hp.com/us-en/document/ish_11926124-11926148-16/hpsbpy03996 • CWE-35: Path Traversal: '.../ •

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0

03 Feb 2025 — A potential vulnerability has been identified in HP Anyware Agent for Linux which might allow for authentication bypass which may result in escalation of privilege. HP is releasing a software update to mitigate this potential vulnerability. • https://support.hp.com/us-en/document/ish_11920613-11920636-16 • CWE-273: Improper Check for Dropped Privileges •