26 matches found
EUVD-2015-5398
Malware in sbrugna...
EUVD-2008-2385
Malware in sbrugna...
CVE-2025-43487
A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The firmware flaw does not properly implement access controls. HP has addressed the issue in the latest software update...
CVE-2025-43485
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could potentially allow a privileged user to retrieve credentials from the log files. HP has addressed the issue in the latest software update...
CVE-2025-43487
A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The firmware flaw does not properly implement access controls. HP has addressed the issue in the latest software update...
CVE-2015-5442
Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain privileges via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain privileges via unknown vectors...
CVE-2015-5442
CVE-2015-5442 is an unspecified local privilege escalation in HP Software Update prior to 5.005.002.002. Affected product: HP Software Update (on HP laptops). Root cause and vectors are not detailed in the sources, but the vulnerability enables local users to gain privileges (type and scope not f...
CVE-2015-5442
Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain privileges via unknown vectors...
HP Software Update HPeDiag ActiveX Control GetXmlFromIni buffer overflow
Added: 05/22/2008 CVE: CVE-2008-0712 BID: 28929 OSVDB: 44662 Background HP Software Update is shipped with various kinds of HP computers to keep HP software up to date. Problem A buffer overflow in the GetXmlFromIni method of the HPeDiag ActiveX control allows command execution when a user loads ...
HP Software Update HPeDiag ActiveX Control GetXmlFromIni buffer overflow
Added: 05/22/2008 CVE: CVE-2008-0712 BID: 28929 OSVDB: 44662 Background HP Software Update is shipped with various kinds of HP computers to keep HP software up to date. Problem A buffer overflow in the GetXmlFromIni method of the HPeDiag ActiveX control allows command execution when a user loads ...
HP Software Update HPeDiag ActiveX Control GetXmlFromIni buffer overflow
Added: 05/22/2008 CVE: CVE-2008-0712 BID: 28929 OSVDB: 44662 Background HP Software Update is shipped with various kinds of HP computers to keep HP software up to date. Problem A buffer overflow in the GetXmlFromIni method of the HPeDiag ActiveX control allows command execution when a user loads ...
HP Software Update HPeDiag ActiveX Control GetXmlFromIni buffer overflow
Added: 05/22/2008 CVE: CVE-2008-0712 BID: 28929 OSVDB: 44662 Background HP Software Update is shipped with various kinds of HP computers to keep HP software up to date. Problem A buffer overflow in the GetXmlFromIni method of the HPeDiag ActiveX control allows command execution when a user loads ...
Code injection
Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe 1 ExecuteAsync and 2 Execute methods, which allows remote attackers to execute arbitrary code via an absolute pathname in the first argument...
CVE-2008-2390
Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe 1 ExecuteAsync and 2 Execute methods, which allows remote attackers to execute arbitrary code via an absolute pathname in the first argument...
KLA10192 ACE vulnerability in HP Software Update
An unspecified vulnerability was found in an HP Software Update. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited from the network at a point related to Hpufunction.dll. Original advisories - Exploitation Public exploits exist for th...
HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01439758 Version: 1 HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code NOTICE: The information in this...
HP Software Update - 'Hpufunction.dll 4.0.0.1' Insecure Method
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& Insecure Methods in HP Update Software. Remote: Yes Execute code remotely is possible using methods ExecuteAsync and Execute :- If a user visits the malicious page the attacker can execute code...
HP HPeDiag ActiveX Control Multiple Vulnerabilities
The remote host contains the HP Software Update software, installed by default on many HP notebooks to support automatic software updates and vulnerability patching. The version of this software on the remote host includes an ActiveX control, 'HpeDiag', that reportedly contains multiple insecure...
HP Software Update RulesEngine.dll控件远程文件覆盖漏洞
BUGTRAQ ID: 26950 HP Software Update是HP笔记本中默认安装的自动升级和补丁软件。 HP Software Updates所带的ActiveX控件实现上存在漏洞,远程攻击者可能利用此漏洞访问或破坏用户系统上的任意文件。 HP Software Updates所安装的RulesEngine.dll控件(CLSID:7CB9D4F5-C492-42A4-93B1-3F7D6946470D,默认路径C:\Program...