Filtered by vendor Hpe
Subscribe
Total
167 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7108 | 1 Hpe | 1 Storageworks Xp7 Automation Director | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to earlier than 8.6.1-00 has a local and remote authentication bypass vulnerability that exposed the user authentication information of the storage system. This problem sometimes occurred under specific conditions when running a service template. | |||||
| CVE-2018-7107 | 1 Hpe | 1 Device Entitlement Gateway | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. The vulnerability could be remotely exploited to allow local SQL injection and elevation of privilege. | |||||
| CVE-2018-7094 | 1 Hpe | 1 3par Service Provider | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-5.0.0.0-22913(GA). The vulnerability may be exploited locally to allow disclosure of privileged information. | |||||
| CVE-2018-20733 | 6 Hpe, Ibm, Linux and 3 more | 6 Hp-ux Ipfilter, Aix, Linux Kernel and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE. | |||||
| CVE-2018-20732 | 6 Hpe, Ibm, Linux and 3 more | 6 Hp-ux Ipfilter, Aix, Linux Kernel and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant. | |||||
| CVE-2016-9042 | 4 Freebsd, Hpe, Ntp and 1 more | 5 Freebsd, Hpux-ntp, Ntp and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition. | |||||
| CVE-2015-9281 | 6 Hpe, Ibm, Linux and 3 more | 6 Hp-ux Ipfilter, Aix, Linux Kernel and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page. | |||||