Hp: Security Vulnerabilities
A potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerability.
CVSS Score
8.4
EPSS Score
0.002
Published
2022-12-12
Potential security vulnerabilities have been identified in an OMEN Gaming Hub SDK package which may allow escalation of privilege and/or denial of service. HP is releasing software updates to mitigate the potential vulnerabilities.
CVSS Score
9.8
EPSS Score
0.156
Published
2022-12-12
A potential security vulnerability has been identified in certain HP Workstation BIOS (UEFI firmware) which may allow arbitrary code execution. HP is releasing firmware mitigations for the potential vulnerability.
CVSS Score
8.4
EPSS Score
0.003
Published
2022-12-12
A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Denial of Service when running HP Workpath solutions on potentially affected products.
CVSS Score
9.8
EPSS Score
0.009
Published
2022-12-12
A potential security vulnerability has been identified in OMEN Gaming Hub and in HP Command Center which may allow escalation of privilege and/or denial of service. HP has released software updates to mitigate the potential vulnerability.
CVSS Score
9.8
EPSS Score
0.008
Published
2022-12-12
Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.
CVSS Score
9.8
EPSS Score
0.014
Published
2022-12-12
Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5.
CVSS Score
6.4
EPSS Score
0.005
Published
2022-12-12
A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-12-12
A vulnerability in NetBatch-Plus software allows unauthorized access to the application.
HPE has provided a workaround and fix. Please refer to HPE Security Bulletin
HPESBNS04388
for details.
CVSS Score
7.3
EPSS Score
0.002
Published
2022-11-22
IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236588.
CVSS Score
5.4
EPSS Score
0.004
Published
2022-11-11