Filtered by vendor Hp
Subscriptions
Total
2447 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28950 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2025-02-12 | 5.1 Medium |
| IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358. | ||||
| CVE-2023-28514 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2025-02-12 | 6.2 Medium |
| IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398. | ||||
| CVE-2005-2773 | 1 Hp | 1 Openview Network Node Manager | 2025-02-07 | 9.8 Critical |
| HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl. | ||||
| CVE-2017-5638 | 7 Apache, Arubanetworks, Hp and 4 more | 13 Struts, Clearpass Policy Manager, Server Automation and 10 more | 2025-02-06 | 9.8 Critical |
| The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. | ||||
| CVE-2023-28091 | 1 Hp | 1 Oneview | 2025-02-06 | 5.5 Medium |
| HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump | ||||
| CVE-2023-28087 | 1 Hp | 1 Oneview | 2025-02-03 | 5.5 Medium |
| An HPE OneView appliance dump may expose OneView user accounts | ||||
| CVE-2023-28086 | 1 Hp | 1 Oneview | 2025-02-03 | 5.5 Medium |
| An HPE OneView appliance dump may expose proxy credential settings | ||||
| CVE-2023-28090 | 1 Hp | 1 Oneview | 2025-02-03 | 5.5 Medium |
| An HPE OneView appliance dump may expose SNMPv3 read credentials | ||||
| CVE-2023-28089 | 1 Hp | 1 Oneview | 2025-02-03 | 7.1 High |
| An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules | ||||
| CVE-2023-28088 | 1 Hp | 1 Oneview | 2025-02-03 | 7.8 High |
| An HPE OneView appliance dump may expose SAN switch administrative credentials | ||||
| CVE-2023-28084 | 2 Hp, Hpe | 2 Oneview, Oneview Global Dashboard | 2025-02-03 | 5.5 Medium |
| HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens | ||||
| CVE-2023-22782 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22781 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22790 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2025-01-31 | 7.2 High |
| Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | ||||
| CVE-2023-22789 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2025-01-31 | 7.2 High |
| Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | ||||
| CVE-2023-22786 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22785 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22784 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22783 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22787 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2025-01-31 | 7.5 High |
| An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point. | ||||