CVE-2022-1038
https://notcve.org/view.php?id=CVE-2022-1038
A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software. Se ha identificado una posible vulnerabilidad de seguridad en el software HP Jumpstart, que podría permitir una escalada de privilegios. HP recomienda que los clientes desinstalen HP Jumpstart y utilicen el software myHP. • https://support.hp.com/us-en/document/ish_6189329-6189528-16/hpsbhf03791 •
CVE-2020-15596
https://notcve.org/view.php?id=CVE-2020-15596
The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file. El controlador de la pantalla táctil ALPS ALPINE versiones anteriores a 8.2206.1717.634, como es usada en varias computadoras portátiles Dell, HP y Lenovo, permite a atacantes conducir ataques de Divulgación de Ruta por medio de un archivo DLL "fake" • https://seclists.org/fulldisclosure/2020/Jul/30 https://support.hp.com/document/c06706305 • CWE-427: Uncontrolled Search Path Element •
CVE-2019-16284
https://notcve.org/view.php?id=CVE-2019-16284
A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250. Ha sido identificada una potencial vulnerabilidad de seguridad en múltiples productos y versiones de HP que implica la posible ejecución de código arbitrario durante los servicios de arranque que puede resultar en una elevación de privilegios. La estructura de EFI_BOOT_SERVICES podría ser sobrescrita por parte de un atacante para ejecutar código SMM (System Management Mode) arbitrario. • https://support.hp.com/rs-en/document/c06456250 •
CVE-2015-5368
https://notcve.org/view.php?id=CVE-2015-5368
The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows remote attackers to modify data or cause a denial of service, or execute arbitrary code, via unspecified vectors. Vulnerabilidad en el módulo HP lt4112 LTE/HSPA+ Gobi 4G con firmware anterior a 12.500.00.15.1803 en dispositivos Thin Client EliteBook, ElitePad, Elite, ProBook, Spectre, Zbook y mt41, permite a atacantes remotos modificar los datos, provocar una denegación de servicio o ejecutar código arbitrario a través de vectores no especificados. • http://www.securityfocus.com/bid/76176 http://www.securitytracker.com/id/1033414 http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-446601.htm https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773272 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773272 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-5367
https://notcve.org/view.php?id=CVE-2015-5367
The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows local users to gain privileges via unspecified vectors. Vulnerabilidad en el módulo HP lt4112 LTE/HSPA+ Gobi 4G con firmware anterior a 12.500.00.15.1803 en dispositivos Thin Client EliteBook, ElitePad, Elite, ProBook, Spectre, Zbook y mt4, permite a usuarios locales obtener privilegios a través de vectores no especificados. • http://www.securityfocus.com/bid/76171 http://www.securitytracker.com/id/1033414 http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-446601.htm https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773272 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773272 • CWE-264: Permissions, Privileges, and Access Controls •