Vulnerabilities > HP > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-25 | CVE-2023-28087 | Unspecified vulnerability in HP Oneview An HPE OneView appliance dump may expose OneView user accounts | 5.5 |
| 2023-04-25 | CVE-2023-28090 | Insufficiently Protected Credentials vulnerability in HP Oneview An HPE OneView appliance dump may expose SNMPv3 read credentials | 5.5 |
| 2023-04-14 | CVE-2023-28091 | Unspecified vulnerability in HP Oneview HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump | 5.5 |
| 2023-03-22 | CVE-2023-28083 | Cross-site Scripting vulnerability in HP products A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). | 5.4 |
| 2023-03-01 | CVE-2022-37935 | Unspecified vulnerability in HP Oneview for VMWare Vcenter HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password. | 5.5 |
| 2022-12-12 | CVE-2021-46846 | Cross-site Scripting vulnerability in HP Integrated Lights-Out 5 Firmware 1.30/1.37/1.40 Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5. | 6.1 |
| 2022-09-13 | CVE-2022-1602 | Unspecified vulnerability in HP Thinpro 7.2 A potential security vulnerability has been identified in HP ThinPro 7.2 Service Pack 8 (SP8). | 5.5 |
| 2022-09-06 | CVE-2022-23678 | Unspecified vulnerability in HP Aruba Virtual Intranet Access A vulnerability in the Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to intercept sensitive information in Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system versions: 4.3.0 build 2208101 and below. | 5.9 |
| 2022-08-31 | CVE-2022-28625 | Information Exposure Through Log Files vulnerability in HP Oneview A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. | 5.5 |
| 2022-05-17 | CVE-2022-23706 | Cross-site Scripting vulnerability in HP Oneview A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. | 6.1 |