Vulnerabilities > HP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-17 | CVE-2022-28616 | Server-Side Request Forgery (SSRF) vulnerability in HP Oneview A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. | 7.5 |
| 2022-05-17 | CVE-2022-23706 | Cross-site Scripting vulnerability in HP Oneview A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. | 4.3 |
| 2022-05-17 | CVE-2022-28617 | Improper Authentication vulnerability in HP Oneview A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. | 7.5 |
| 2022-05-09 | CVE-2022-23704 | Unspecified vulnerability in HP Integrated Lights-Out 4 2.78 A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). | 5.0 |
| 2022-04-27 | CVE-2022-27239 | Out-of-bounds Write vulnerability in multiple products In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. | 7.2 |
| 2022-04-04 | CVE-2022-23697 | Cross-site Scripting vulnerability in HP Oneview A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. | 4.3 |
| 2022-04-04 | CVE-2022-23698 | Unspecified vulnerability in HP Oneview A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. | 5.0 |
| 2022-04-04 | CVE-2022-23699 | Improper Authentication vulnerability in HP Oneview A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. | 4.6 |
| 2022-04-04 | CVE-2022-23700 | Incorrect Authorization vulnerability in HP Oneview A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. | 2.1 |
| 2022-03-23 | CVE-2022-24291 | Unspecified vulnerability in HP products Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. | 7.8 |