Hp: Security Vulnerabilities
A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.
CVSS Score
8.8
EPSS Score
0.0
Published
2022-02-16
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-02-16
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-02-16
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
CVSS Score
7.8
EPSS Score
0.007
Published
2022-02-16
Potential arbitrary file deletion vulnerability has been identified in HP Support Assistant software.
CVSS Score
5.5
EPSS Score
0.003
Published
2022-01-28
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224.
CVSS Score
4.8
EPSS Score
0.002
Published
2022-01-19
Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-01-14
IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438.
CVSS Score
6.2
EPSS Score
0.001
Published
2021-12-13
A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). An authenticated SSMC administrator could exploit the vulnerability to inject code and elevate their privilege in SSMC. The scope of this vulnerability is limited to SSMC. Note: The arrays being managed are not impacted by this vulnerability. This vulnerability impacts SSMC versions 3.4 GA to 3.8.1.
CVSS Score
7.2
EPSS Score
0.003
Published
2021-12-10
IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. IBM X-Force ID: 199521.
CVSS Score
5.9
EPSS Score
0.003
Published
2021-12-09