HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-06-16
Updated
2023-06-29
HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-14
Updated
2023-04-21
An HPE OneView appliance dump may expose SNMPv3 read credentials
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
An HPE OneView appliance dump may expose OneView user accounts
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
An HPE OneView appliance dump may expose proxy credential settings
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
A vulnerability exists in Aruba InstantOS and ArubaOS 10 where an edge-case combination of network configuration, a specific WLAN environment and an attacker already possessing valid user credentials on that WLAN can lead to sensitive information being disclosed via the WLAN. The scenarios in which this disclosure of potentially sensitive information can occur are complex and depend on factors that are beyond the control of the attacker.
Max CVSS
5.4
EPSS Score
0.04%
Published
2023-05-08
Updated
2023-05-12
HPE OneView may have a missing passphrase during restore.
Max CVSS
5.5
EPSS Score
0.05%
Published
2024-01-23
Updated
2024-01-29
HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-03-01
Updated
2023-03-10
A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential vulnerability.
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-28
Updated
2023-05-10
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-08-31
Updated
2022-09-07
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-03-02
Updated
2022-03-11
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-03-02
Updated
2022-03-11
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-03-02
Updated
2022-03-10
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-03-02
Updated
2022-03-11
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-03-02
Updated
2022-03-11
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-03-02
Updated
2022-03-10
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-04-04
Updated
2022-04-13
A vulnerability in the Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to intercept sensitive information in Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system versions: 4.3.0 build 2208101 and below. Aruba has released upgrades for Virtual Intranet Access (VIA) Client that address this security vulnerability.
Max CVSS
5.9
EPSS Score
0.17%
Published
2022-09-06
Updated
2022-09-13
Potential arbitrary file deletion vulnerability has been identified in HP Support Assistant software.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-01-28
Updated
2022-02-03
A potential security vulnerability has been identified in HP ThinPro 7.2 Service Pack 8 (SP8). The security vulnerability in SP8 is not remedied after upgrading from SP8 to Service Pack 9 (SP9). HP has released Service Pack 10 (SP10) to remediate the potential vulnerability introduced in SP8.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-09-13
Updated
2022-09-15
Certain HP Enterprise LaserJet and PageWide MFPs may be vulnerable to stored cross site scripting (XSS).
Max CVSS
5.4
EPSS Score
0.05%
Published
2021-10-29
Updated
2021-11-04
Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface and lead to spoofing, access control bypass, and other unexpected network behaviors.
Max CVSS
5.3
EPSS Score
1.05%
Published
2020-06-02
Updated
2020-07-29
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose the serial number and other information.
Max CVSS
5.3
EPSS Score
0.09%
Published
2021-01-05
Updated
2021-07-21
A potential security vulnerability has been identified in HPE Onboard Administrator. The vulnerability could be remotely exploited to allow Reflected Cross Site Scripting. HPE has made the following software updates and mitigation information to resolve the vulnerability in HPE Onboard Administrator. * OA 4.95 (Linux and Windows).
Max CVSS
5.4
EPSS Score
0.05%
Published
2020-04-23
Updated
2020-04-30
275 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!