Vulnerabilities > HP > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-06 | CVE-2018-7069 | Improper Authentication vulnerability in HP Centralview Fraud Risk Management HPE has identified a remote unauthenticated access to files vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. | 7.5 |
| 2018-08-06 | CVE-2018-7059 | Improper Input Validation vulnerability in HP Aruba Clearpass Policy Manager Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. | 8.8 |
| 2018-08-06 | CVE-2018-5390 | Resource Exhaustion vulnerability in multiple products Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. | 7.5 |
| 2018-08-06 | CVE-2017-9003 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP Arubaos Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. | 7.5 |
| 2018-08-06 | CVE-2017-9001 | Unspecified vulnerability in HP Aruba Clearpass Policy Manager Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. | 8.1 |
| 2018-08-06 | CVE-2017-8987 | Unspecified vulnerability in HP Integrated Lights-Out 3 Firmware 1.88 A Unauthenticated Remote Denial of Service vulnerability was identified in HPE Integrated Lights-Out 3 (iLO 3) version v1.88 only. | 8.6 |
| 2018-08-06 | CVE-2017-8968 | Unspecified vulnerability in HP Restful Interface Tool 1.5/2.0 A remote execution of arbitrary code vulnerability has been identified in HPE RESTful Interface Tool 1.5, 2.0 (hprest-1.5-79.x86_64.rpm, ilorest-2.0-403.x86_64.rpm). | 7.8 |
| 2018-08-06 | CVE-2016-8526 | XXE vulnerability in HP Airwave Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities (XXE). | 8.8 |
| 2018-08-06 | CVE-2016-4405 | Deserialization of Untrusted Data vulnerability in HP Business Service Management A remote code execution vulnerability was identified in HP Business Service Management (BSM) using Apache Commons Collection Java Deserialization versions v9.20-v9.26 | 8.8 |
| 2018-08-06 | CVE-2016-4398 | Deserialization of Untrusted Data vulnerability in HP Network Node Manager I 10.00/10.01/10.10 A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10 using Java Deserialization. | 8.8 |