Lucene search
K
HpThinpro

8 matches found

CVE
CVE
added 2019/11/22 9:38 p.m.172 views

CVE-2019-18909

HP ThinPro VPN command-injection (CVE-2019-18909) arises from unsafe handling of user input, enabling potential command execution with root privileges. Affected HP ThinPro Linux versions include 6.2, 6.2.1, 7.0, and 7.1 (Citrix-related component in 6.x/7.x). The issue is documented across multipl...

8CVSS7.9AI score0.02181EPSS
CVE
CVE
added 2019/11/22 9:23 p.m.166 views

CVE-2019-18910

CVE-2019-18910 involves the Citrix Receiver wrapper function that does not safely handle user input, enabling command injection to execute with local privileges. Affected products include HP ThinPro Linux (versions 6.2, 6.2.1, 7.0, 7.1) where the vulnerability can occur through the Citrix Receive...

6.8CVSS6.6AI score0.00847EPSS
CVE
CVE
added 2019/11/22 9:30 p.m.132 views

CVE-2019-16287

CVE-2019-16287 affects HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, where an application filter bypass can allow an attacker to create a local file and enter Administrative Mode, enabling elevated commands. The issue is addressed by HP with multiple patches: HP Firefox 60.9.0esr for ThinPro 6.2–7.1 ...

7.2CVSS6.6AI score0.0068EPSS
CVE
CVE
added 2022/09/13 2:51 p.m.50 views

CVE-2022-1602

CVE-2022-1602 concerns HP ThinPro 7.2 SP8. The vulnerability originates in SP8 and is not remedied by upgrading to SP9; HP released SP10 to remediate the issue introduced in SP8. Affected software: HP ThinPro 7.2 with SP8 (and through SP9 as per PT/Red Hat/Radiation entries). Impact details in th...

5.5CVSS5.5AI score0.00186EPSS
CVE
CVE
added 2018/01/23 4:0 p.m.45 views

CVE-2017-2740

CVE-2017-2740 affects the HP ThinPro operating system command line shell across multiple releases (4.4, 5.0, 5.1, 5.2, 5.2.1, 6.1). The vulnerability could enable local unauthorized elevation of privilege on HP thin client devices. HP and related records describe a privilege escalation via the Th...

7.8CVSS7.6AI score0.0051EPSS
CVE
CVE
added 2016/12/29 9:2 a.m.39 views

CVE-2016-2246

CVE-2016-2246 concerns HP ThinPro 4.4–6.1, where the keyboard layout control panel and the Virtual Keyboard application are mishandled, enabling local users to bypass access restrictions and elevate privileges. Root cause and impact are described as local unauthorized access with privilege elevat...

7.8CVSS7.5AI score0.00575EPSS
CVE
CVE
added 2025/10/28 8:40 p.m.13 views

CVE-2025-43017

HP ThinPro 8.1 has a vulnerability in its system management application where user identity verification can fail. Multiple sources (HP advisories and various CVE trackers) indicate the issue affects HP ThinPro 8.1 prior to SP8 and that HP released HP ThinPro 8.1 SP8 to mitigate potential vulnera...

9.8CVSS6.8AI score0.00245EPSS
CVE
CVE
added 2025/10/27 11:11 p.m.13 views

CVE-2025-43024

CVE-2025-43024 relates to HP ThinPro 8.1 SP8 and involves a GUI dialog that allows unauthorized viewing of files on the file system. The root cause is an insufficient access check in the dialog that displays file-system contents, enabling information disclosure. Public details across connected so...

7.5CVSS6.4AI score0.00252EPSS