A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a denial of service.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.5
EPSS Score
0.04%
Published
2024-03-26
Updated
2024-03-27
An authenticated Denial-of-Service (DoS) vulnerability exists in the CLI service. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.5
EPSS Score
0.04%
Published
2023-11-14
Updated
2023-11-21
A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.8
EPSS Score
0.05%
Published
2023-05-01
Updated
2023-05-10
HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability.
Source: HP Inc.
Max CVSS
6.8
EPSS Score
0.05%
Published
2023-10-13
Updated
2023-10-20
Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI.
Source: HP Inc.
Max CVSS
6.1
EPSS Score
0.05%
Published
2023-10-04
Updated
2023-10-11
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.1
EPSS Score
0.06%
Published
2022-05-17
Updated
2022-05-25
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.1
EPSS Score
0.06%
Published
2022-04-04
Updated
2022-04-12
Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.4
EPSS Score
0.06%
Published
2022-12-12
Updated
2022-12-13
A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.7
EPSS Score
0.04%
Published
2021-05-25
Updated
2021-06-02
A security vulnerability in HPE OneView for VMware vCenter (OV4VC) could be exploited remotely to allow Cross-Site Scripting. HPE has released the following software update to resolve the vulnerability in HPE OneView for VMware vCenter (OV4VC).
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.1
EPSS Score
0.06%
Published
2021-06-03
Updated
2021-06-11
A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS).
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.1
EPSS Score
0.06%
Published
2021-04-15
Updated
2021-04-22
The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.
Source: MITRE
Max CVSS
6.7
EPSS Score
0.04%
Published
2020-08-12
Updated
2021-07-21
LinuxKI v6.0-1 and earlier is vulnerable to an XSS which is resolved in release 6.0-2.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.1
EPSS Score
0.06%
Published
2020-02-13
Updated
2020-02-18
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the url "/bdswebui/assignusers/".
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.5
EPSS Score
0.06%
Published
2020-10-26
Updated
2021-07-21
A security vulnerability in HPE IceWall SSO Dfw and Dgfw (Domain Gateway Option) could be exploited remotely to cause a remote cross-site scripting (XSS). HPE has provided the following information to resolve this vulnerability in HPE IceWall SSO DFW and Dgfw: https://www.hpe.com/jp/icewall_patchaccess
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.1
EPSS Score
0.06%
Published
2020-07-08
Updated
2020-07-14
A remote access to sensitive data vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.5
EPSS Score
0.06%
Published
2020-04-24
Updated
2021-07-21
A potential security vulnerability has been identified for certain HP Printers and All-in-Ones that would allow bypassing account lockout.
Source: HP Inc.
Max CVSS
6.5
EPSS Score
0.09%
Published
2020-03-16
Updated
2020-08-24
A potential security vulnerability has been identified for certain HP printers and MFPs that would allow redirection page Cross-Site Scripting in a client’s browser by clicking on a third-party malicious link.
Source: HP Inc.
Max CVSS
6.1
EPSS Score
0.06%
Published
2021-11-09
Updated
2021-11-15
The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges.
Source: HP Inc.
Max CVSS
6.8
EPSS Score
0.17%
Published
2019-11-22
Updated
2023-07-20
Incorrect access control in the firmware of Synaptics VFS75xx family fingerprint sensors that include external flash (all versions prior to 2019-11-15) allows a local administrator or physical attacker to compromise the confidentiality of sensor data via injection of an unverified partition table.
Source: MITRE
Max CVSS
6.0
EPSS Score
0.04%
Published
2020-07-22
Updated
2020-07-30
Bromium client version 4.0.3.2060 and prior to 4.1.7 Update 1 has an out of bound read results in race condition causing Kernel memory leaks or denial of service.
Source: Airbus
Max CVSS
6.3
EPSS Score
0.04%
Published
2020-02-03
Updated
2021-11-03
An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.
Source: HP Inc.
Max CVSS
6.8
EPSS Score
0.12%
Published
2019-11-22
Updated
2020-08-24
HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging Gateway Configuration and Operations Guide.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.6
EPSS Score
0.06%
Published
2020-07-17
Updated
2021-07-21
A potential security vulnerability has been identified in HPE enhanced Internet Usage Manager (eIUM) versions 8.3 and 9.0. The vulnerability could be used for unauthorized access to information via cross site scripting. HPE has made the following software updates to resolve the vulnerability in eIUM. The eIUM 8.3 FP01 customers are advised to install eIUM83FP01Patch_QXCR1001711284.20190806-1244 patch. The eIUM 9.0 customers are advised to upgrade to eIUM 9.0 FP02 PI5 or later versions. For other versions, please, contact the product support.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.1
EPSS Score
0.06%
Published
2020-01-16
Updated
2020-01-27
A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS
6.1
EPSS Score
0.06%
Published
2019-12-18
Updated
2019-12-23
205 vulnerabilities found
1 2 3 4 5 6 7 8 9
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!