Envy 5000 Z4A54A

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-08	CVE-2020-12695	Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. network high complexity ui w1-fi asus broadcom canon cisco dlink dell epson hp huawei nec netgear ruckussecurity tp-link zte zyxel microsoft fedoraproject debian canonical CWE-276	7.5
2020-03-16	CVE-2019-18917	Improper Restriction of Excessive Authentication Attempts vulnerability in HP products A potential security vulnerability has been identified for certain HP Printers and All-in-Ones that would allow bypassing account lockout. network low complexity hp CWE-307	6.4
2020-01-09	CVE-2019-6332	Cross-site Scripting vulnerability in HP products A potential security vulnerability has been identified with certain HP InkJet printers. network hp CWE-79	3.5