Vulnerabilities > HP > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-05-25 CVE-2021-29202 Classic Buffer Overflow vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H. Affected versions: prior to version 2.78.
local
low complexity
hp CWE-120
6.7
2021-05-25 CVE-2021-29204 Cross-site Scripting vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote XSS vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H. Affected versions: prior to version 2.78.
network
low complexity
hp CWE-79
4.8
2021-05-25 CVE-2021-29205 Cross-site Scripting vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote XSS vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H. Affected versions: prior to version 2.78.
network
low complexity
hp CWE-79
4.8
2021-05-25 CVE-2021-29206 Cross-site Scripting vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote XSS vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H. Affected versions: prior to version 2.78.
network
low complexity
hp CWE-79
4.8
2021-05-25 CVE-2021-29207 Cross-site Scripting vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A remote XSS vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H. Affected versions: prior to version 2.78.
network
low complexity
hp CWE-79
4.8
2021-04-15 CVE-2021-26582 Cross-site Scripting vulnerability in HP Icewall SSO Dgfw 10.0/11.0
A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS).
network
low complexity
hp CWE-79
6.1
2021-01-05 CVE-2020-7202 Unspecified vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware.
network
low complexity
hp
5.3
2020-11-05 CVE-2020-7207 Unspecified vulnerability in HP products
A local elevation-of-privilege vulnerability that requires physical access was found in HPE ProLiant Gen10 Servers using Intel Innovation Engine (IE).
low complexity
hp
6.8
2020-10-26 CVE-2020-7196 Insufficiently Protected Credentials vulnerability in HP Bluedata Epic and Ezmeral Container Platform
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval.
network
low complexity
hp CWE-522
6.5
2020-08-12 CVE-2020-15596 Uncontrolled Search Path Element vulnerability in HP products
The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.
local
low complexity
hp CWE-427
6.7