Vulnerabilities > HPE

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2023-28084 Insufficiently Protected Credentials vulnerability in multiple products
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
local
low complexity
hpe hp CWE-522
5.5
2023-04-14 CVE-2023-28085 Unspecified vulnerability in HPE Oneview Global Dashboard 2.31/2.32
An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD user account credentials
local
low complexity
hpe
5.5
2023-03-10 CVE-2022-37939 Unspecified vulnerability in HPE products
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers.
local
low complexity
hpe
5.5
2023-03-01 CVE-2022-37936 Deserialization of Untrusted Data vulnerability in HPE Serviceguard for Linux
Unauthenticated Java deserialization vulnerability in Serviceguard Manager
network
low complexity
hpe CWE-502
critical
9.8
2023-03-01 CVE-2022-37937 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HPE Serviceguard for Linux
Pre-auth memory corruption in HPE Serviceguard
network
low complexity
hpe CWE-119
critical
9.8
2023-03-01 CVE-2022-37938 Server-Side Request Forgery (SSRF) vulnerability in HPE Serviceguard for Linux
Unauthenticated server side request forgery in HPE Serviceguard Manager
network
low complexity
hpe CWE-918
critical
9.8
2023-01-05 CVE-2022-37933 Code Injection vulnerability in HPE products
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers.
local
low complexity
hpe CWE-94
7.8
2023-01-05 CVE-2022-37934 Path Traversal vulnerability in multiple products
A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series.
network
low complexity
hp hpe CWE-22
7.5
2022-12-12 CVE-2022-37927 Open Redirect vulnerability in HPE Oneview Global Dashboard
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD).
network
low complexity
hpe CWE-601
6.1
2022-12-12 CVE-2022-37928 Insufficient Verification of Data Authenticity vulnerability in HPE products
Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays.
network
low complexity
hpe CWE-345
6.5