EUVD-2007-3633

Malware in sbrugna...

HP Web JetAdmin 6.5 Server Arbitrary Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Web JetAdmin 6.5 Server Arbitrary Command Execution', 'Description' = %q This module abuses a command execution vulnerability within the web...

Big-Name Targets Push Midnight Blizzard Hacking Spree Back Into the Limelight

Newly disclosed breaches of Microsoft and Hewlett-Packard Enterprise highlight the persistent threat posed by Midnight Blizzard, a notorious Russian cyber-espionage group...

HP PC Input Validation Error Vulnerability

HP PC is a computer product of Hewlett-Packard HP, U.S.A. An input validation error vulnerability exists in HP PC, which stems from a potential vulnerability found in the BIOS of some HP computer products that could allow denial of service. No detailed vulnerability details are currently availabl...

HP PC Input Validation Error Vulnerability (CNVD-2022-19504)

HP PC is a computer product of Hewlett-Packard HP, U.S.A. An input validation error vulnerability exists in HP PC, which stems from a potential vulnerability found in the BIOS of some HP computer products that could allow denial of service. No detailed vulnerability details are currently availabl...

HP Support Assistant Licensing Issue Vulnerability (CNVD-2022-15168)

HP Support Assistant is a solution from Hewlett-Packard HP that provides support and other functions for PCs and printers. HP Support Assistant has an authorization issue vulnerability that stems from the product's failure to effectively authenticate users, which could be exploited by an untruste...

HP Support Assistant Licensing Issue Vulnerability (CNVD-2022-15172)

HP Support Assistant is a solution from Hewlett-Packard HP that provides support and other functions for PCs and printers. HP Support Assistant has an authorization issue vulnerability that stems from the product's failure to effectively authenticate users, which could be exploited by an untruste...

HP Support Assistant Licensing Issue Vulnerability (CNVD-2022-15170)

HP Support Assistant is a solution from Hewlett-Packard HP that provides support and other functions for PCs and printers. HP Support Assistant has an authorization issue vulnerability that stems from the product's failure to effectively authenticate users, which could be exploited by an untruste...

File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path

Exploit Title: File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2022-02-14 Vendor : Hewlett-PackardHP Version : File Sanitizer for HP ProtectTools 5.0.1.3 Vendor Homepage : http://www.hp.com Tested on OS: Windows 7 Pro...

File Sanitizer for HP ProtectTools 5.0.1.3 - (HPFSService) Unquoted Service Path Vulnerability

Exploit Title: File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path Exploit Author : SamAlucard Vendor : Hewlett-PackardHP Version : File Sanitizer for HP ProtectTools 5.0.1.3 Vendor Homepage : http://www.hp.com Tested on OS: Windows 7 Pro Analyze PoC : ==============...

HP Support Assistant Arbitrary File Deletion Vulnerability

HP Support Assistant is a solution from Hewlett-Packard HP that provides support for PCs and printers, etc. HP Support Assistant is vulnerable to arbitrary file deletion, which could be exploited by attackers to delete arbitrary files...

Unauthorized access vulnerability in HP LaserJet Pro printer

Hp LaserJet Pro Printer is a laser printer from Hewlett-Packard Hp. hp LaserJet Pro printer has a security vulnerability that could be exploited by an attacker to potentially allow an unauthorized user to reconfigure, reset the device...

Unauthorized Access Vulnerability in HP LaserJet MFP M227sdn

Hewlett-Packard HP is one of the information technology IT companies, founded in 1939 1. Headquartered in Palo Alto, California, USA. Hewlett-Packard has three business groups: Information Products Group, Printing and Imaging Systems Group and Enterprise Computer Professional Services Group. An...

Unauthorized Access Vulnerability in HP-LaserJet Series at Hewlett-Packard Trading (Shanghai) Co.

HP-LaserJet series is a printer of Hewlett-Packard Trading Shanghai Co. An unauthorized access vulnerability exists in the HP-LaserJet Series of Hewlett-Packard Limited in China, which can be exploited by attackers to obtain sensitive information...

CVE-2020-7208

LinuxKI v6.0-1 and earlier is vulnerable to an XSS which is resolved in release 6.0-2. Recent assessments: cinzinga at March 09, 2020 9:38pm UTC reported: I am the founder of this exploit. While it is in a Hewlett-Packard product, it is a very obscure piece of software and was no longer actively...

xglance-bin Local Root Privilege Escalation

!/bin/sh Exploit Title: xglance-bin root privesc Exploit Author: Robert Jaroszuk and Marco Ortisi RedTimmy Security Date: February 2020 Tested on: RHEL 5.x/6.x/7.x/8.x CVE: CVE-2014-2630 Disclamer: This exploit is for educational purpose only More details on...

xglance-bin 11.00 - Privilege Escalation

xglance-bin 11.00 - Privilege Escalation Exploit Title: xglance-bin 11.00 - Privilege Escalation Exploit Author: Robert Jaroszuk and Marco Ortisi RedTimmy Security Date: 2020-02-01 Tested on: RHEL 5.x/6.x/7.x/8.x CVE: CVE-2014-2630 Disclamer: This exploit is for educational purpose only More...

JVN#51046809: ArcSight Management Center and ArcSight Logger vulnerable to cross-site scripting

ArcSight Management Center and ArcSight Logger from Hewlett-Packard Development Company L.P. contain a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the...

Hewlett-Packard Vertica Remote Command Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Vertica. Authentication is not required to exploit this vulnerability. The specific flaw exists within the vertica-udx-zygote process, which listens on a random port in the ephemera...

[security bulletin] HPSBGN03387 rev.1 - HP Intelligent Provisioning, Remote Code Execution, Unauthorized Access

Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04756070 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04756070 Version: 1 HPSBGN03387 rev.1 - HP Intelligent Provisioning, Remote Code...