Vulnerabilities > HPE

DATE CVE VULNERABILITY TITLE RISK
2024-11-27 CVE-2024-53676 Path Traversal vulnerability in HPE Insight Remote Support 7.12/7.12.0.529/7.12.0.545
A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution.
network
low complexity
hpe CWE-22
critical
9.8
2024-11-26 CVE-2024-11622 XXE vulnerability in HPE Insight Remote Support 7.12/7.12.0.529/7.12.0.545
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
network
low complexity
hpe CWE-611
7.5
2024-11-26 CVE-2024-53673 Deserialization of Untrusted Data vulnerability in HPE Insight Remote Support 7.12/7.12.0.529/7.12.0.545
A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code.
network
low complexity
hpe CWE-502
critical
9.8
2024-11-26 CVE-2024-53674 XXE vulnerability in HPE Insight Remote Support 7.12/7.12.0.529/7.12.0.545
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
network
low complexity
hpe CWE-611
7.5
2024-11-26 CVE-2024-53675 XXE vulnerability in HPE Insight Remote Support 7.12/7.12.0.529/7.12.0.545
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
network
low complexity
hpe CWE-611
7.5
2024-06-13 CVE-2024-22441 Improper Authentication vulnerability in HPE Cray Parallel Application Launch Service
HPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass.
network
low complexity
hpe CWE-287
critical
9.8
2023-12-19 CVE-2023-50272 Unspecified vulnerability in HPE products
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 6 (iLO 6).
network
low complexity
hpe
critical
9.8
2023-10-25 CVE-2023-30912 Unspecified vulnerability in HPE Oneview 8.30.01
A remote code execution issue exists in HPE OneView.
network
low complexity
hpe
critical
9.8
2023-10-18 CVE-2023-30911 Unspecified vulnerability in HPE products
HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service.
network
low complexity
hpe
7.5
2023-10-09 CVE-2023-30910 HTTP Request Smuggling vulnerability in HPE products
HPE MSA Controller prior to version IN210R004 could be remotely exploited to allow inconsistent interpretation of HTTP requests. 
network
low complexity
hpe CWE-444
5.4