Vulnerabilities > HP > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-19 | CVE-2020-24649 | Improper Input Validation vulnerability in HP Intelligent Management Center 7.2/7.3 A remote bytemessageresource transformentity" input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | 9.8 |
| 2020-10-19 | CVE-2020-24648 | Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center 7.2/7.3 A accessmgrservlet classname deserialization of untrusted data remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | 9.8 |
| 2020-10-19 | CVE-2020-24647 | Improper Input Validation vulnerability in HP Intelligent Management Center 7.2/7.3 A remote accessmgrservlet classname input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | 9.8 |
| 2020-10-19 | CVE-2020-24646 | Out-of-bounds Write vulnerability in HP Intelligent Management Center 7.2/7.3 A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | 9.8 |
| 2020-10-19 | CVE-2020-24629 | Improper Authentication vulnerability in HP Intelligent Management Center 7.2/7.3 A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | 9.8 |
| 2020-07-17 | CVE-2020-7206 | OS Command Injection vulnerability in HP Nagios-Plugins-Hpilo 1.50 HP nagios plugin for iLO (nagios-plugins-hpilo v1.50 and earlier) has a php code injection vulnerability. | 9.8 |
| 2020-04-24 | CVE-2020-7133 | Unspecified vulnerability in HP HPE IOT + GCP A unauthorized remote access vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. | 9.8 |
| 2020-04-24 | CVE-2020-7131 | Out-of-bounds Write vulnerability in HP products This document describes a security vulnerability in Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity products. | 9.0 |
| 2020-03-10 | CVE-2017-10992 | Deserialization of Untrusted Data vulnerability in HP Storage Essentials 9.5.0.142 In HPE Storage Essentials 9.5.0.142, there is Unauthenticated Java Deserialization with remote code execution via OS commands in a request to invoker/JMXInvokerServlet, aka PSRT110461. | 9.8 |
| 2020-02-13 | CVE-2020-7209 | Unspecified vulnerability in HP Linuxki LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2. | 9.8 |