Filtered by vendor Hpe
Subscriptions
Total
150 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4370 | 1 Hpe | 1 Project And Portfolio Management Center | 2020-04-29 | 8.8 High |
| HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vectors. | ||||
| CVE-2019-12001 | 1 Hpe | 12 Msa 1040, Msa 1040 Firmware, Msa 1050 and 9 more | 2020-04-28 | 6.4 Medium |
| A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier. | ||||
| CVE-2019-12002 | 1 Hpe | 12 Msa 1040, Msa 1040 Firmware, Msa 1050 and 9 more | 2020-04-28 | 9.8 Critical |
| A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier. | ||||
| CVE-2019-11998 | 1 Hpe | 2 Superdome Flex Server, Superdome Flex Server Firmware | 2020-01-29 | 5.5 Medium |
| HPE Superdome Flex Server is vulnerable to multiple remote vulnerabilities via improper input validation of administrator commands. This vulnerability could allow an Administrator to bypass security restrictions and access multiple remote vulnerabilities including information disclosure, or denial of service. HPE has provided firmware updates that address the above vulnerabilities for the HPE Superdome Flex Server starting with firmware version v3.20.186 (not available online) and v3.20.206 (available online). Apply v3.20.206 (4 December 2019) or a newer version to resolve this issue. Please visit HPE Support Center https://support.hpe.com/hpesc/public/home to obtain the updated firmware for your product. | ||||
| CVE-2018-20732 | 6 Hpe, Ibm, Linux and 3 more | 6 Hp-ux Ipfilter, Aix, Linux Kernel and 3 more | 2019-02-07 | N/A |
| SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant. | ||||
| CVE-2018-20733 | 6 Hpe, Ibm, Linux and 3 more | 6 Hp-ux Ipfilter, Aix, Linux Kernel and 3 more | 2019-02-01 | N/A |
| BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE. | ||||
| CVE-2015-9281 | 6 Hpe, Ibm, Linux and 3 more | 6 Hp-ux Ipfilter, Aix, Linux Kernel and 3 more | 2019-01-24 | N/A |
| Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page. | ||||
| CVE-2018-7108 | 1 Hpe | 1 Storageworks Xp7 Automation Director | 2019-01-07 | N/A |
| HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to earlier than 8.6.1-00 has a local and remote authentication bypass vulnerability that exposed the user authentication information of the storage system. This problem sometimes occurred under specific conditions when running a service template. | ||||
| CVE-2018-7110 | 2 Hpe, Redhat | 2 Service Governance Framework, Linux | 2018-12-03 | N/A |
| A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework (SGF) version 4.2, 4.3. A race condition under high load in SGF exists where SGF transferred different parameter to the enabler. | ||||
| CVE-2018-7107 | 1 Hpe | 1 Device Entitlement Gateway | 2018-11-21 | N/A |
| A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. The vulnerability could be remotely exploited to allow local SQL injection and elevation of privilege. | ||||