CVE-2022-23955

Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service...

CVE-2019-18913

A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP...

EUVD-2022-53280

Malicious code in bioql PyPI...

Information disclosure

Potential time-of-check to time-of-use TOCTOU vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure...

Insyde UEFI Firmware March 2023 Security Update (TOCTOU)

Potential Time-of-Check to Time-of-Use TOCTOU vulnerabilities have been identified in certain HP PC products using Insyde UEFI firmware InsydeH20, which may allow arbitrary code execution, denial of service, and information disclosure. Firmware updates have been released to mitigate the potential...

CVE-2021-3808

Potential security vulnerabilities have been identified in the BIOS UEFI Firmware for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities...

CVE-2022-37018

A potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerability...

CVE-2022-37018

A potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerability...

CVE-2022-23926

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure...

CVE-2019-18913

A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP...

HP Touchpoint Analytics Opens PCs to Code Execution Attack

A security flaw, discovered in an open-source software program that is a key component of HP’s TouchPoint Analytics service, is opening up a wide swath of HP computers to attack. The vulnerability, if exploited by local attackers with administrative privileges, can allow them to execute arbitrary...

HPSBHF03582 rev. 2 - KRACK Vulnerability Affecting WPA2 Wireless Security

Potential Security Impact Information Disclosure Source: University of Leuven Reported by: Intel VULNERABILITY SUMMARY Enhancement to address CVE-2017-13080 and CVE-2017-13081, which is the KRACK vulnerability that affects the security of WPA2 wireless LAN encryption. RESOLUTION A Microsoft...

HPSBGN3552 rev.1 HP Secure Boot UEFI Update

Potential Security Impact Secure Boot Bypass VULNERABILITY SUMMARY HP UEFI update to support Microsoft's enhanced protection of Windows secure boot policies. RESOLUTION HP has provided firmware updates to address the vulnerability for HP PCs with UEFI Firmware. To acquire the firmware updates, go...

HPSBHF03513 rev.2 - HP PCs and Workstations running Windows and Linux with NVIDIA Graphics Driver, Local Denial of Service (DoS), Elevation of Privilege

Potential Security Impact Denial of Service DoS, elevation of privilege VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP PCs and workstations with Windows and Linux running the NVIDIA Graphics Driver. The vulnerabilities could be locally exploited...

[security bulletin] HPSBHF03408 rev.2 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code

Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04773272 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04773272 Version: 2 HPSBHF03408 rev.2 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G...

HPSBHF03408 rev.3 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code

Potential Security Impact Remote execution of arbitrary code VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in certain HP notebook PCs with the HP lt4112 LTE/HSPA+ Gobi 4G Module. The vulnerabilities could be exploited remotely to allow execution of arbitrary code...

HPSBHF03374 rev.1 - HP PCs with UEFI Firmware, Denial of Service

Potential Security Impact Denial of service VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP consumer notebook PCs, HP commercial notebook PCs, HP consumer desktop PCs, HP commercial workstation PCs, Retail Solutions and Thin Clients with UEFI Firmware...

[security bulletin] HPSBHF03084 rev.1 HP PCs with UEFI Firmware, Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04393276 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04393276 Version: 1 HPSBHF03084 rev....