Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2002-1614

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-25 Mar, 2005 | 05:00
Updated At-08 Aug, 2024 | 03:34
Rejected At-
Credits

Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:25 Mar, 2005 | 05:00
Updated At:08 Aug, 2024 | 03:34
Rejected At:
â–¼CVE Numbering Authority (CNA)

Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.kb.cert.org/vuls/id/435611
third-party-advisory
x_refsource_CERT-VN
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
vendor-advisory
x_refsource_HP
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_FULLDISC
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
vendor-advisory
x_refsource_HP
https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
vdb-entry
x_refsource_XF
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/290115
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.kb.cert.org/vuls/id/435611
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/archive/1/290115
Resource:
mailing-list
x_refsource_BUGTRAQ
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.kb.cert.org/vuls/id/435611
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
vendor-advisory
x_refsource_HP
x_transferred
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_FULLDISC
x_transferred
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
vendor-advisory
x_refsource_HP
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
vdb-entry
x_refsource_XF
x_transferred
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/archive/1/290115
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/435611
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/290115
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:09 Sep, 2002 | 04:00
Updated At:16 Apr, 2026 | 00:27

Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
HP Inc.
hp
>>hp-ux>>10.20
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.00
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.04
cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.11
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.22
cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>4.0f
cpe:2.3:o:hp:tru64:4.0f:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>4.0g
cpe:2.3:o:hp:tru64:4.0g:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.0a
cpe:2.3:o:hp:tru64:5.0a:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.1
cpe:2.3:o:hp:tru64:5.1:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.1a
cpe:2.3:o:hp:tru64:5.1a:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlcve@mitre.org
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlcve@mitre.org
N/A
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11cve@mitre.org
N/A
http://www.kb.cert.org/vuls/id/435611cve@mitre.org
Third Party Advisory
US Government Resource
http://www.securityfocus.com/archive/1/290115cve@mitre.org
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/10016cve@mitre.org
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kb.cert.org/vuls/id/435611af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.securityfocus.com/archive/1/290115af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/10016af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/435611
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.securityfocus.com/archive/1/290115
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/435611
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.securityfocus.com/archive/1/290115
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

156Records found
CVE-2017-3210
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.59%
||
7 Day CHG~0.00%
Published-24 Jul, 2018 | 15:00
Updated-05 Aug, 2024 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution

Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26.

Action-Not Available
Vendor-portraitPortrait DisplayHP Inc.PhilipsFujitsu Limited
Product-displayview_clickportrait_display_sdkdisplay_assistantmy_displaydisplayview_click_suitesmart_control_premiumSDK
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-16
Not Available
CVE-2013-6208
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.72%
||
7 Day CHG~0.00%
Published-16 Mar, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Smart Update Manager 5.3.5 before build 70 on Linux allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.Linux Kernel Organization, Inc
Product-smart_update_managerlinux_kerneln/a
CVE-2012-5220
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.18%
||
7 Day CHG~0.00%
Published-26 Apr, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2019-6333
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 21.10%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 16:06
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified with certain versions of HP Touchpoint Analytics prior to version 4.1.4.2827. This vulnerability may allow a local attacker with administrative privileges to execute arbitrary code via an HP Touchpoint Analytics system service.

Action-Not Available
Vendor-HPHP Inc.
Product-touchpoint_analyticsTouchpoint Analytics
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-6329
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-7.06% / 91.67%
||
7 Day CHG~0.00%
Published-25 Jun, 2019 | 16:24
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328.

Action-Not Available
Vendor-HPHP Inc.
Product-support_assistantHP Support Assistant
CVE-2019-6328
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.64%
||
7 Day CHG~0.00%
Published-25 Jun, 2019 | 16:23
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6329.

Action-Not Available
Vendor-HPHP Inc.
Product-support_assistantHP Support Assistant
CVE-2019-4322
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.08% / 24.57%
||
7 Day CHG~0.00%
Published-01 Jul, 2019 | 15:05
Updated-17 Sep, 2024 | 04:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 161202.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kerneldb2hp-uxwindowsaixDB2 for Linux, UNIX and Windows
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2291
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.03% / 9.88%
||
7 Day CHG~0.00%
Published-21 Jan, 2013 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack.

Action-Not Available
Vendor-n/aApple Inc.HP Inc.ELAN Microelectronics Corporation
Product-avamarhp-uxmac_os_xavamar_pluginn/a
CVE-2016-9795
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.45%
||
7 Day CHG~0.00%
Published-27 Jan, 2017 | 22:01
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.

Action-Not Available
Vendor-n/aCA Technologies (Broadcom Inc.)IBM CorporationOracle CorporationLinux Kernel Organization, IncBroadcom Inc.HP Inc.
Product-universal_job_management_agenthp-uxclient_automationca_workload_automation_aesystemedgevirtual_assurance_for_infrastructure_managerssystems_performance_for_infrastructure_managersaixsolarislinux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-1738
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.92%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access.

Action-Not Available
Vendor-n/aHP Inc.
Product-palm_webosn/a
CVE-2010-3008
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.2||HIGH
EPSS-0.04% / 13.98%
||
7 Day CHG~0.00%
Published-13 Sep, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain privileges or cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3007.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protector_expressn/a
CVE-2021-39299
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.8||HIGH
EPSS-0.06% / 19.00%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-proone_600_g5_21.5-in_all-in-one_business_pcelitebook_840_g5zbook_studio_g5_firmwareprobook_440_g5elitebook_1050_g1_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pcprobook_640_g7eliteone_800_g6_27_all-in-one_pcprobook_640_g4prodesk_680_g6_pci_microtower_pceliteone_800_g6_24_all-in-one_pc_firmwareelitedesk_805_g8_small_form_factor_pczhan_66_pro_14_g2probook_630_g8_firmwareelitebook_x360_830_g5_firmwareelitebook_x360_830_g5prodesk_600_g5_microtower_pc\(with_pci_slot\)elite_x2_1013_g3elitedesk_800_g5_small_form_factor_pcelitedesk_880_g6_tower_pcprodesk_600_g4_microtower_pc\(with_pci_slot\)_firmwareproone_440_g6_24_all-in-one_pc_firmwarezhan_66_pro_13_g2elite_dragonflyprobook_440_g5_firmwareelite_dragonfly_maxelitebook_840_g7_firmwareprodesk_405_g8_desktop_mini_pczbook_14u_g6_firmwareeliteone_800_g8_24_all-in-one_pc260_g3_desktop_mini_pcprobook_x360_11_g3_education_editionzbook_17_g6zbook_15_g6probook_650_g8_firmwareproone_400_g6_24_all-in-one_pcelitebook_850_g6_firmwareeliteone_800_g6_24_all-in-one_pcprodesk_480_g5_microtower_pcprobook_430_g8_firmwareelitedesk_800_95w_g4_desktop_mini_pczbook_fury_17_g7_firmwarezhan_66_pro_14_g3elitedesk_800_g4_workstation_editionzbook_studio_15_g8_firmwareelitedesk_880_g8_tower_pc_firmwareelitebook_836_g6prodesk_405_g8_small_form_factor_pczbook_17_g6_firmwareprobook_470_g5elitedesk_800_65w_g4_desktop_mini_pcelitebook_850_g5_firmwareprodesk_480_g7_pci_microtower_pc_firmwareelitebook_840_g8elitebook_x360_1030_g7_firmwareprobook_640_g4_firmwareelitebook_846_g5probook_x360_11_g7_education_editionelitedesk_800_g4_small_form_factor_pc_firmwarezbook_fury_15_g7z4_g4_workstation_\(xeon_w\)zhan_66_pro_15_g3eliteone_800_g5_23.8-in_healthcare_edition_all-in-oneproone_440_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g8_tower_pczbook_17_g5_firmwareelitebook_x360_1040_g8_firmwareelitebook_830_g5z8_g4_workstation_firmwarezhan_66_pro_g3_24_all-in-one_pcelitedesk_800_g6_tower_pcproone_600_g6_22_all-in-one_pc_firmwareelitebook_x360_1040_g6elitebook_840_g6_firmwareprodesk_405_g8_desktop_mini_pc_firmwarezhan_66_pro_15_g2elitedesk_800_g5_tower_pcelitebook_840_g5_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmwareelitebook_x360_1030_g8probook_640_g5zbook_firefly_14_g7_firmwareproone_400_g6_20_all-in-one_pc_firmwarez1_entry_tower_g6_workstationprobook_x360_11_g6_education_editionz4_g4_workstation_\(xeon_w\)_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmwareelite_dragonfly_g2elitebook_830_g6prodesk_400_g7_microtower_pcprodesk_600_g5_small_form_factor_pcproone_440_g5_23.8-in_all-in-one_business_pc_firmwareprobook_x360_11_g7_education_edition_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pcprobook_430_g6_firmwareprodesk_400_g6_small_form_factor_pc_firmwareeliteone_800_g5_23.8-inch_all-in-oneprodesk_600_g4_desktop_mini_pc_firmwareprobook_650_g5_firmwarez1_entry_tower_g5_workstationeliteone_800_g8_27_all-in-one_pcproone_400_g4_20-inch_non-touch_all-in-one_business_pcproone_400_g5_20-inch_all-in-one_business_pc260_g3_desktop_mini_pc_firmwarez1_entry_tower_g5_workstation_firmwarezbook_fury_17_g8elitedesk_800_g4_small_form_factor_pcprodesk_680_g4_microtower_pceliteone_800_g6_27_all-in-one_pc_firmwareelitebook_x360_830_g7elitebook_x360_1040_g8probook_450_g5probook_450_g6_firmwareelitebook_836_g6_firmwareelitedesk_880_g4_tower_pceliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmwareelitebook_x360_1030_g7prodesk_400_g6_microtower_pc_firmwareprobook_430_g5_firmwareelitebook_836_g5_firmwareelitebook_x360_1040_g7_firmwareprobook_650_g7_firmwarezbook_17_g5probook_x360_440_g1zhan_66_pro_15_g3_firmwareprodesk_400_g5_microtower_pcprobook_440_g7elitebook_x360_1040_g5elitedesk_800_35w_g4_desktop_mini_pczbook_fury_17_g8_firmwareeliteone_800_g8_27_all-in-one_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmwareelitebook_850_g8prodesk_600_g4_microtower_pcelitebook_x360_1030_g4probook_x360_440_g1_firmwareelitebook_830_g8_firmwareprodesk_600_g4_small_form_factor_pcprodesk_600_g5_microtower_pc_firmwareelitedesk_880_g6_tower_pc_firmwarezbook_15_g5_firmwareelitebook_840_g5_healthcare_edition_firmwareprodesk_400_g6_desktop_mini_pcz1_entry_tower_g6_workstation_firmwareprobook_x360_11_g3_education_edition_firmwareprodesk_400_g5_small_form_factor_pc_firmwarezbook_firefly_14_g7elitebook_840_g6_healthcare_edition_firmwarezbook_fury_15_g8mp9_g4_retail_systemprobook_640_g7_firmwareelitebook_840_g6zhan_66_pro_g3_24_all-in-one_pc_firmwareelitebook_x360_830_g8probook_470_g5_firmwareengage_flex_mini_retail_system_firmwareelitebook_850_g8_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pcelitebook_x360_830_g6probook_450_g8prodesk_400_g5_microtower_pc_firmwarezbook_power_15_g8_firmwareelitedesk_880_g5_tower_pc_firmwareprodesk_600_g5_microtower_pc\(with_pci_slot\)_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmwareprobook_x360_11_g4_education_editionzbook_studio_g7prodesk_600_g4_microtower_pc\(with_pci_slot\)elitebook_840_aero_g8_firmwareproone_400_g6_20_all-in-one_pcprodesk_600_g5_microtower_pcprodesk_600_g6_small_form_factor_pczbook_fury_15_g7_firmwarez4_g4_workstation_\(core-x\)_firmwareprobook_640_g8_firmwarezbook_14u_g5_firmwareprodesk_600_g6_small_form_factor_pc_firmwareeliteone_1000_g2_23.8-in_all-in-one_business_pc_firmwarezbook_studio_x360_g5elitedesk_800_g8_small_form_factor_pc_firmwarez1_g8_tower_desktop_pc_firmwarezbook_15u_g6zbook_studio_x360_g5_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pcelitedesk_800_g8_desktop_mini_pcproone_400_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g4_tower_pcelitedesk_880_g5_tower_pczbook_firefly_15_g8elite_dragonfly_max_firmwarezbook_studio_g7_firmwareproone_440_g5_23.8-in_all-in-one_business_pcprobook_x360_11_g6_education_edition_firmwarezbook_firefly_15_g7_firmwarez6_g4_workstationproone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pcelitebook_846_g5_firmwareprodesk_600_g5_small_form_factor_pc_firmwareelite_x2_g8_tabletzbook_15u_g5prodesk_600_g6_microtower_pczbook_fury_17_g7elitebook_840_g5_healthcare_editionprodesk_480_g6_microtower_pc_firmwareproone_440_g6_24_all-in-one_pceliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmwareprodesk_400_g4_desktop_mini_pc_firmwareelite_x2_1013_g3_firmwareelitedesk_805_g6_small_form_factor_pcprodesk_400_g5_small_form_factor_pcelitebook_830_g7_firmwarezbook_14u_g6eliteone_1000_g2_23.8-in_touch_all-in-one_business_pcelitebook_850_g6probook_450_g7zbook_15u_g6_firmwareproone_400_g6_24_all-in-one_pc_firmwareelitedesk_880_g4_tower_pc_firmwareprodesk_680_g6_pci_microtower_pc_firmwareprodesk_400_g6_microtower_pcprobook_440_g8prodesk_600_g4_desktop_mini_pcprobook_450_g7_firmwareprobook_640_g5_firmwareprobook_440_g6probook_450_g6prodesk_600_g5_desktop_mini_pc_firmwareprodesk_600_g5_desktop_mini_pcprobook_630_g8probook_650_g8probook_650_g4_firmwarezbook_firefly_15_g8_firmwarezbook_fury_15_g8_firmwareelitedesk_800_g6_small_form_factor_pcprobook_650_g4zhan_x_13_g2probook_650_g5zbook_studio_g5z6_g4_workstation_firmwareprodesk_600_g4_small_form_factor_pc_firmwareelitedesk_800_g8_desktop_mini_pc_firmwarezbook_create_g7elitedesk_805_g8_small_form_factor_pc_firmwarezhan_66_pro_14_g2_firmwareprodesk_600_g4_microtower_pc_firmwareprobook_430_g8zbook_studio_15_g8elitedesk_800_g5_desktop_mini_pc_firmwareprodesk_400_g6_desktop_mini_pc_firmwareelitebook_x360_1040_g7elite_x2_g4prodesk_600_g6_desktop_mini_pc_firmwarezbook_15_g5probook_430_g6eliteone_800_g5_23.8-inch_all-in-one_firmwareelitebook_830_g8elitebook_x360_1030_g3proone_400_g5_23.8-inch_all-in-one_business_pc_firmwareelitedesk_805_g6_desktop_mini_pc_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmwareproone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmwareelitedesk_800_g5_desktop_mini_pcelitedesk_800_g6_small_form_factor_pc_firmwarezhan_x_13_g2_firmwareelitebook_x360_830_g8_firmwareprodesk_600_g6_desktop_mini_pczhan_66_pro_14_g4prodesk_680_g4_microtower_pc\(with_pci_slot\)probook_430_g7probook_450_g8_firmwareproone_400_g5_23.8-inch_all-in-one_business_pcprodesk_680_g4_microtower_pc\(with_pci_slot\)_firmwareelitebook_836_g5elitedesk_800_g5_small_form_factor_pc_firmwareelitedesk_800_g8_tower_pc_firmwareproone_400_g5_20-inch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmwareprodesk_680_g4_microtower_pc_firmwareelitebook_830_g7elitedesk_800_g6_desktop_mini_pcprodesk_400_g7_small_form_factor_pcprobook_650_g7prodesk_400_g7_microtower_pc_firmwareprodesk_600_g6_microtower_pc_firmwareelitedesk_805_g6_desktop_mini_pcprobook_x360_11_g4_education_edition_firmwareelite_x2_g8_tablet_firmwareeliteone_1000_g2_34-in_curved_all-in-one_business_pcelite_dragonfly_firmwareelitedesk_800_95w_g4_desktop_mini_pc_firmwareprobook_440_g6_firmwareelitebook_x360_830_g6_firmwareelitebook_840_g8_firmwareelitebook_830_g6_firmwareelitebook_850_g7zhan_66_pro_g3_22_all-in-one_pcelitedesk_805_g6_small_form_factor_pc_firmwarezbook_firefly_14_g8elitedesk_800_g6_tower_pc_firmwarezhan_66_pro_g1_firmwareprobook_x360_11_g5_education_edition_firmwareelitebook_x360_1040_g5_firmwareprobook_430_g5probook_430_g7_firmwareelitedesk_800_g6_desktop_mini_pc_firmwareelite_x2_g4_firmwarezbook_power_g7_firmwarezhan_66_pro_13_g2_firmwarezbook_power_15_g8zbook_firefly_14_g8_firmwareelitebook_x360_830_g7_firmwareelite_dragonfly_g2_firmwareelitebook_850_g7_firmwareelitebook_x360_1030_g3_firmwareproone_600_g6_22_all-in-one_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmwareelitedesk_800_g4_workstation_edition_firmwarezhan_66_pro_g3_22_all-in-one_pc_firmwareeliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmwareelitebook_840_g6_healthcare_editioneliteone_1000_g2_23.8-in_all-in-one_business_pcelitebook_840_aero_g8probook_450_g5_firmwarezhan_66_pro_15_g2_firmwarezhan_66_pro_14_g4_firmwarezbook_firefly_15_g7eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pcprodesk_480_g6_microtower_pcz8_g4_workstationzbook_14u_g5eliteone_800_g8_24_all-in-one_pc_firmwareelitedesk_805_g8_desktop_mini_pc_firmwareprodesk_400_g4_desktop_mini_pcelitebook_x360_1030_g8_firmwareprobook_640_g8zhan_66_pro_g1z4_g4_workstation_\(core-x\)mp9_g4_retail_system_firmwareelitebook_840_g7elitebook_840r_g4elitedesk_800_g4_tower_pc_firmwareelitebook_1050_g1prodesk_400_g7_small_form_factor_pc_firmwareengage_flex_mini_retail_systemprodesk_400_g5_desktop_mini_pcelitebook_850_g5zbook_power_g7z1_g8_tower_desktop_pcprobook_440_g7_firmwareelitedesk_880_g8_tower_pcproone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareelitebook_x360_1040_g6_firmwareproone_600_g5_21.5-in_all-in-one_business_pc_firmwareelitebook_x360_1030_g4_firmwareelitedesk_800_g8_small_form_factor_pczhan_66_pro_14_g3_firmwarezbook_15u_g5_firmwareelitedesk_805_g8_desktop_mini_pcprobook_x360_11_g5_education_editionprobook_440_g8_firmwareelitedesk_800_35w_g4_desktop_mini_pc_firmwareelitebook_830_g5_firmwarezbook_15_g6_firmwareelitedesk_800_g5_tower_pc_firmwareelitebook_840r_g4_firmwareprodesk_405_g8_small_form_factor_pc_firmwareprodesk_480_g7_pci_microtower_pcprodesk_480_g5_microtower_pc_firmwareelitedesk_800_65w_g4_desktop_mini_pc_firmwarezbook_create_g7_firmwareprodesk_400_g5_desktop_mini_pc_firmwareprodesk_400_g6_small_form_factor_pcBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS
CVE-2021-39297
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.8||HIGH
EPSS-0.37% / 59.05%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-proone_600_g5_21.5-in_all-in-one_business_pcelitebook_840_g5zbook_studio_g5_firmwareprobook_440_g5elitebook_1050_g1_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pcprobook_640_g7eliteone_800_g6_27_all-in-one_pcprobook_640_g4prodesk_680_g6_pci_microtower_pceliteone_800_g6_24_all-in-one_pc_firmwareelitedesk_805_g8_small_form_factor_pczhan_66_pro_14_g2probook_630_g8_firmwareelitebook_x360_830_g5_firmwareelitebook_x360_830_g5prodesk_600_g5_microtower_pc\(with_pci_slot\)elite_x2_1013_g3elitedesk_800_g5_small_form_factor_pcelitedesk_880_g6_tower_pcprodesk_600_g4_microtower_pc\(with_pci_slot\)_firmwareproone_440_g6_24_all-in-one_pc_firmwarezhan_66_pro_13_g2elite_dragonflyprobook_440_g5_firmwareelite_dragonfly_maxelitebook_840_g7_firmwareprodesk_405_g8_desktop_mini_pczbook_14u_g6_firmwareeliteone_800_g8_24_all-in-one_pc260_g3_desktop_mini_pcprobook_x360_11_g3_education_editionzbook_17_g6zbook_15_g6probook_650_g8_firmwareproone_400_g6_24_all-in-one_pcelitebook_850_g6_firmwareeliteone_800_g6_24_all-in-one_pcprodesk_480_g5_microtower_pcprobook_430_g8_firmwareelitedesk_800_95w_g4_desktop_mini_pczbook_fury_17_g7_firmwarezhan_66_pro_14_g3elitedesk_800_g4_workstation_editionzbook_studio_15_g8_firmwareelitedesk_880_g8_tower_pc_firmwareprodesk_405_g8_small_form_factor_pcelitebook_836_g6zbook_17_g6_firmwareprobook_470_g5elitedesk_800_65w_g4_desktop_mini_pcelitebook_850_g5_firmwareprodesk_480_g7_pci_microtower_pc_firmwareelitebook_840_g8elitebook_x360_1030_g7_firmwareprobook_640_g4_firmwareelitebook_846_g5probook_x360_11_g7_education_editionelitedesk_800_g4_small_form_factor_pc_firmwarezbook_fury_15_g7z4_g4_workstation_\(xeon_w\)zhan_66_pro_15_g3eliteone_800_g5_23.8-in_healthcare_edition_all-in-oneproone_440_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g8_tower_pczbook_17_g5_firmwareelitebook_x360_1040_g8_firmwarez8_g4_workstation_firmwareelitebook_830_g5zhan_66_pro_g3_24_all-in-one_pcelitedesk_800_g6_tower_pcproone_600_g6_22_all-in-one_pc_firmwareelitebook_x360_1040_g6elitebook_840_g6_firmwareprodesk_405_g8_desktop_mini_pc_firmwarezhan_66_pro_15_g2elitedesk_800_g5_tower_pcelitebook_840_g5_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmwareelitebook_x360_1030_g8probook_640_g5zbook_firefly_14_g7_firmwareproone_400_g6_20_all-in-one_pc_firmwarez1_entry_tower_g6_workstationprobook_x360_11_g6_education_editionz4_g4_workstation_\(xeon_w\)_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmwareelite_dragonfly_g2elitebook_830_g6prodesk_400_g7_microtower_pcprodesk_600_g5_small_form_factor_pcproone_440_g5_23.8-in_all-in-one_business_pc_firmwareprobook_x360_11_g7_education_edition_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pcprobook_430_g6_firmwareprodesk_400_g6_small_form_factor_pc_firmwareeliteone_800_g5_23.8-inch_all-in-oneprodesk_600_g4_desktop_mini_pc_firmwareprobook_650_g5_firmwarez1_entry_tower_g5_workstationeliteone_800_g8_27_all-in-one_pcproone_400_g4_20-inch_non-touch_all-in-one_business_pcproone_400_g5_20-inch_all-in-one_business_pc260_g3_desktop_mini_pc_firmwarez1_entry_tower_g5_workstation_firmwarezbook_fury_17_g8elitedesk_800_g4_small_form_factor_pcprodesk_680_g4_microtower_pceliteone_800_g6_27_all-in-one_pc_firmwareelitebook_x360_830_g7elitebook_x360_1040_g8probook_450_g5probook_450_g6_firmwareelitebook_836_g6_firmwareelitedesk_880_g4_tower_pceliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmwareelitebook_x360_1030_g7prodesk_400_g6_microtower_pc_firmwareprobook_430_g5_firmwareelitebook_836_g5_firmwareelitebook_x360_1040_g7_firmwareprobook_650_g7_firmwarezbook_17_g5probook_x360_440_g1zhan_66_pro_15_g3_firmwareprodesk_400_g5_microtower_pcprobook_440_g7elitebook_x360_1040_g5elitedesk_800_35w_g4_desktop_mini_pczbook_fury_17_g8_firmwareeliteone_800_g8_27_all-in-one_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmwareelitebook_850_g8prodesk_600_g4_microtower_pcelitebook_x360_1030_g4probook_x360_440_g1_firmwareelitebook_830_g8_firmwareprodesk_600_g4_small_form_factor_pcprodesk_600_g5_microtower_pc_firmwareelitedesk_880_g6_tower_pc_firmwarezbook_15_g5_firmwareelitebook_840_g5_healthcare_edition_firmwareprodesk_400_g6_desktop_mini_pcz1_entry_tower_g6_workstation_firmwareprobook_x360_11_g3_education_edition_firmwareprodesk_400_g5_small_form_factor_pc_firmwarezbook_firefly_14_g7elitebook_840_g6_healthcare_edition_firmwaremp9_g4_retail_systemzbook_fury_15_g8probook_640_g7_firmwarezhan_66_pro_g3_24_all-in-one_pc_firmwareelitebook_840_g6elitebook_x360_830_g8probook_470_g5_firmwareengage_flex_mini_retail_system_firmwareelitebook_850_g8_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pcelitebook_x360_830_g6probook_450_g8prodesk_400_g5_microtower_pc_firmwarezbook_power_15_g8_firmwareelitedesk_880_g5_tower_pc_firmwareprodesk_600_g5_microtower_pc\(with_pci_slot\)_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmwareprobook_x360_11_g4_education_editionzbook_studio_g7prodesk_600_g4_microtower_pc\(with_pci_slot\)elitebook_840_aero_g8_firmwareproone_400_g6_20_all-in-one_pcprodesk_600_g5_microtower_pcprodesk_600_g6_small_form_factor_pcz4_g4_workstation_\(core-x\)_firmwarezbook_fury_15_g7_firmwareprobook_640_g8_firmwarezbook_14u_g5_firmwareprodesk_600_g6_small_form_factor_pc_firmwareeliteone_1000_g2_23.8-in_all-in-one_business_pc_firmwarezbook_studio_x360_g5elitedesk_800_g8_small_form_factor_pc_firmwarez1_g8_tower_desktop_pc_firmwarezbook_15u_g6zbook_studio_x360_g5_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pcelitedesk_800_g8_desktop_mini_pcproone_400_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g4_tower_pcelitedesk_880_g5_tower_pczbook_firefly_15_g8elite_dragonfly_max_firmwarezbook_studio_g7_firmwareproone_440_g5_23.8-in_all-in-one_business_pcprobook_x360_11_g6_education_edition_firmwarezbook_firefly_15_g7_firmwarez6_g4_workstationproone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pcelitebook_846_g5_firmwareprodesk_600_g5_small_form_factor_pc_firmwareelite_x2_g8_tabletzbook_15u_g5prodesk_600_g6_microtower_pczbook_fury_17_g7prodesk_480_g6_microtower_pc_firmwareelitebook_840_g5_healthcare_editionproone_440_g6_24_all-in-one_pceliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmwareprodesk_400_g4_desktop_mini_pc_firmwareelite_x2_1013_g3_firmwareelitedesk_805_g6_small_form_factor_pcprodesk_400_g5_small_form_factor_pcelitebook_830_g7_firmwarezbook_14u_g6eliteone_1000_g2_23.8-in_touch_all-in-one_business_pcelitebook_850_g6probook_450_g7proone_400_g6_24_all-in-one_pc_firmwarezbook_15u_g6_firmwareelitedesk_880_g4_tower_pc_firmwareprodesk_680_g6_pci_microtower_pc_firmwareprodesk_400_g6_microtower_pcprodesk_600_g4_desktop_mini_pcprobook_440_g8probook_450_g7_firmwareprobook_640_g5_firmwareprobook_440_g6prodesk_600_g5_desktop_mini_pc_firmwareprobook_450_g6prodesk_600_g5_desktop_mini_pcprobook_630_g8probook_650_g8probook_650_g4_firmwarezbook_firefly_15_g8_firmwarezbook_fury_15_g8_firmwareelitedesk_800_g6_small_form_factor_pcprobook_650_g4zhan_x_13_g2probook_650_g5z6_g4_workstation_firmwarezbook_studio_g5prodesk_600_g4_small_form_factor_pc_firmwareelitedesk_800_g8_desktop_mini_pc_firmwarezbook_create_g7elitedesk_805_g8_small_form_factor_pc_firmwarezhan_66_pro_14_g2_firmwareprodesk_600_g4_microtower_pc_firmwareprobook_430_g8zbook_studio_15_g8elitedesk_800_g5_desktop_mini_pc_firmwareprodesk_400_g6_desktop_mini_pc_firmwareelitebook_x360_1040_g7elite_x2_g4prodesk_600_g6_desktop_mini_pc_firmwarezbook_15_g5probook_430_g6eliteone_800_g5_23.8-inch_all-in-one_firmwareelitebook_830_g8elitebook_x360_1030_g3proone_400_g5_23.8-inch_all-in-one_business_pc_firmwareelitedesk_805_g6_desktop_mini_pc_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmwareproone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmwareelitedesk_800_g5_desktop_mini_pcelitedesk_800_g6_small_form_factor_pc_firmwarezhan_x_13_g2_firmwareprodesk_600_g6_desktop_mini_pcelitebook_x360_830_g8_firmwarezhan_66_pro_14_g4prodesk_680_g4_microtower_pc\(with_pci_slot\)probook_430_g7proone_400_g5_23.8-inch_all-in-one_business_pcprobook_450_g8_firmwareprodesk_680_g4_microtower_pc\(with_pci_slot\)_firmwareelitedesk_800_g5_small_form_factor_pc_firmwareelitebook_836_g5elitedesk_800_g8_tower_pc_firmwareproone_400_g5_20-inch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmwareprodesk_680_g4_microtower_pc_firmwareelitebook_830_g7elitedesk_800_g6_desktop_mini_pcprodesk_400_g7_small_form_factor_pcprobook_650_g7prodesk_400_g7_microtower_pc_firmwareprodesk_600_g6_microtower_pc_firmwareelitedesk_805_g6_desktop_mini_pcprobook_x360_11_g4_education_edition_firmwareelite_x2_g8_tablet_firmwareeliteone_1000_g2_34-in_curved_all-in-one_business_pcelite_dragonfly_firmwareelitedesk_800_95w_g4_desktop_mini_pc_firmwareprobook_440_g6_firmwareelitebook_x360_830_g6_firmwareelitebook_840_g8_firmwareelitebook_830_g6_firmwareelitebook_850_g7zhan_66_pro_g3_22_all-in-one_pcelitedesk_805_g6_small_form_factor_pc_firmwareelitebook_x360_1040_g5_firmwareelitedesk_800_g6_tower_pc_firmwarezhan_66_pro_g1_firmwareprobook_x360_11_g5_education_edition_firmwarezbook_firefly_14_g8probook_430_g5probook_430_g7_firmwareelitedesk_800_g6_desktop_mini_pc_firmwareelite_x2_g4_firmwarezbook_power_g7_firmwarezhan_66_pro_13_g2_firmwarezbook_power_15_g8zbook_firefly_14_g8_firmwareelitebook_x360_830_g7_firmwareelite_dragonfly_g2_firmwareelitebook_850_g7_firmwareelitebook_x360_1030_g3_firmwareproone_600_g6_22_all-in-one_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmwareelitedesk_800_g4_workstation_edition_firmwarezhan_66_pro_g3_22_all-in-one_pc_firmwareeliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmwareelitebook_840_g6_healthcare_editioneliteone_1000_g2_23.8-in_all-in-one_business_pcelitebook_840_aero_g8probook_450_g5_firmwarezhan_66_pro_15_g2_firmwarezhan_66_pro_14_g4_firmwarezbook_firefly_15_g7eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pcprodesk_480_g6_microtower_pcz8_g4_workstationzbook_14u_g5eliteone_800_g8_24_all-in-one_pc_firmwareelitedesk_805_g8_desktop_mini_pc_firmwareprodesk_400_g4_desktop_mini_pcelitebook_x360_1030_g8_firmwareprobook_640_g8zhan_66_pro_g1z4_g4_workstation_\(core-x\)mp9_g4_retail_system_firmwareelitebook_840_g7elitebook_840r_g4elitedesk_800_g4_tower_pc_firmwareelitebook_1050_g1prodesk_400_g7_small_form_factor_pc_firmwareengage_flex_mini_retail_systemprodesk_400_g5_desktop_mini_pcelitebook_850_g5z1_g8_tower_desktop_pczbook_power_g7probook_440_g7_firmwareelitedesk_880_g8_tower_pcproone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareelitebook_x360_1040_g6_firmwareproone_600_g5_21.5-in_all-in-one_business_pc_firmwareelitebook_x360_1030_g4_firmwareelitedesk_800_g8_small_form_factor_pczhan_66_pro_14_g3_firmwarezbook_15u_g5_firmwareelitedesk_805_g8_desktop_mini_pcprobook_x360_11_g5_education_editionelitedesk_800_35w_g4_desktop_mini_pc_firmwareprobook_440_g8_firmwareelitebook_830_g5_firmwarezbook_15_g6_firmwareelitedesk_800_g5_tower_pc_firmwareelitebook_840r_g4_firmwareprodesk_405_g8_small_form_factor_pc_firmwareprodesk_480_g7_pci_microtower_pcprodesk_480_g5_microtower_pc_firmwareelitedesk_800_65w_g4_desktop_mini_pc_firmwarezbook_create_g7_firmwareprodesk_400_g5_desktop_mini_pc_firmwareprodesk_400_g6_small_form_factor_pcBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS
CVE-2004-0965
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-26 Oct, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2012-1796
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.25%
||
7 Day CHG~0.00%
Published-20 Mar, 2012 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aIBM CorporationSun Microsystems (Oracle Corporation)Linux Kernel Organization, IncHP Inc.
Product-hp-uxsunosdb2aixlinux_kerneln/a
CVE-2003-1375
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.37% / 59.15%
||
7 Day CHG+0.01%
Published-19 Oct, 2007 | 10:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2003-0333
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.21% / 42.64%
||
7 Day CHG~0.00%
Published-23 May, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2002-2363
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.24% / 47.61%
||
7 Day CHG~0.00%
Published-29 Oct, 2007 | 19:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-0089
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.28% / 51.69%
||
7 Day CHG~0.00%
Published-18 Nov, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-0221
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 20.17%
||
7 Day CHG~0.00%
Published-29 Apr, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64n/a
CVE-2002-1616
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.34% / 57.39%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64n/a
CVE-2002-0678
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.43% / 62.90%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

Action-Not Available
Vendor-xi_graphicscompaqn/aHP Inc.IBM CorporationSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)The MITRE Corporation (Caldera)
Product-sunosdextopirixsolaristru64hp-uxunixwareaixopenunixn/a
CVE-2002-0991
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.86% / 75.37%
||
7 Day CHG~0.00%
Published-31 Aug, 2002 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.

Action-Not Available
Vendor-n/aHP Inc.
Product-cifs-9000_servern/a
CVE-2001-1182
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.57%
||
7 Day CHG~0.00%
Published-15 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2001-1181
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.82%
||
7 Day CHG~0.00%
Published-15 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2001-0551
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.11% / 29.43%
||
7 Day CHG~0.00%
Published-18 Feb, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2000-1134
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.18% / 39.02%
||
7 Day CHG~0.00%
Published-19 Dec, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

Action-Not Available
Vendor-immunixconectivan/aHP Inc.Mandriva (Mandrakesoft)Red Hat, Inc.The MITRE Corporation (Caldera)SUSE
Product-linuxopenlinuxmandrake_linuxsuse_linuxopenlinux_eserverhp-uxopenlinux_edesktopimmunixn/a
CVE-2000-0078
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.89%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0962
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.53%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1433
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.60% / 69.89%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file.

Action-Not Available
Vendor-n/aHP Inc.
Product-jetadminn/a
CVE-1999-1161
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.85%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0040
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.18% / 39.49%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

Action-Not Available
Vendor-bsdin/aHP Inc.IBM CorporationSilicon Graphics, Inc.NEC CorporationFreeBSD FoundationSun Microsystems (Oracle Corporation)
Product-up-ux_vsunosirixsolarisbsd_osfreebsdhp-uxaixasl_ux_4800ews-ux_vn/a
CVE-1999-0127
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.89%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2022-23928
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.2||HIGH
EPSS-0.06% / 19.42%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

Action-Not Available
Vendor-n/aHP Inc.
Product-pc_biosHP PC BIOS
CVE-2022-23924
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.2||HIGH
EPSS-0.06% / 19.42%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

Action-Not Available
Vendor-n/aHP Inc.
Product-pc_biosHP PC BIOS
CVE-2022-23929
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.2||HIGH
EPSS-0.06% / 19.42%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

Action-Not Available
Vendor-n/aHP Inc.
Product-pc_biosHP PC BIOS
CVE-2022-23931
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.2||HIGH
EPSS-0.06% / 19.42%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

Action-Not Available
Vendor-n/aHP Inc.
Product-pc_biosHP PC BIOS
CVE-2022-23933
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.2||HIGH
EPSS-0.06% / 19.42%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

Action-Not Available
Vendor-n/aHP Inc.
Product-pc_biosHP PC BIOS
CVE-2022-23934
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.2||HIGH
EPSS-0.06% / 18.96%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

Action-Not Available
Vendor-n/aHP Inc.
Product-pc_biosHP PC BIOS
CVE-2022-23926
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.2||HIGH
EPSS-0.06% / 19.42%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

Action-Not Available
Vendor-n/aHP Inc.
Product-pc_biosHP PC BIOS
CVE-2022-23932
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.2||HIGH
EPSS-0.06% / 19.42%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.

Action-Not Available
Vendor-n/aHP Inc.
Product-pc_biosHP PC BIOS
CVE-2016-4364
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.05% / 14.65%
||
7 Day CHG~0.00%
Published-08 Jun, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Insight Control server deployment allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-insight_control_server_deploymentn/a
CVE-2019-16287
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.16% / 37.02%
||
7 Day CHG~0.00%
Published-22 Nov, 2019 | 21:30
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed commands with elevated privileges.

Action-Not Available
Vendor-HPHP Inc.
Product-thinproThinPro Linux
CVE-2003-1359
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.29% / 52.95%
||
7 Day CHG+0.01%
Published-17 Oct, 2007 | 01:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.

Action-Not Available
Vendor-n/aAvaya LLCHP Inc.
Product-hp-uxpredictive_dialer_systemn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3710
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.17% / 38.14%
||
7 Day CHG+0.10%
Published-11 May, 2016 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.

Action-Not Available
Vendor-n/aCanonical Ltd.QEMUOracle CorporationCitrix (Cloud Software Group, Inc.)Red Hat, Inc.HP Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxvm_serverenterprise_linux_serverqemuhelion_openstackenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_euslinuxenterprise_linux_server_ausopenstackxenservervirtualizationn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2003-0840
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.44% / 63.70%
||
7 Day CHG~0.00%
Published-09 Oct, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2016-2246
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.05%
||
7 Day CHG~0.00%
Published-29 Dec, 2016 | 09:02
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-thinpron/a
CVE-1999-1134
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.17% / 38.55%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2002-1612
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.68% / 72.02%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxtru64n/a
CVE-2003-1358
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.84% / 75.10%
||
7 Day CHG+0.03%
Published-17 Oct, 2007 | 01:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found