Vulnerabilities > HPE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-17 | CVE-2019-12001 | Insufficient Session Expiration vulnerability in HPE products A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier. | 6.4 |
| 2020-04-16 | CVE-2019-11999 | Cross-site Scripting vulnerability in HPE Opencall Media Platform Potential security vulnerabilities have been identified in HPE OpenCall Media Platform (OCMP) resulting in remote arbitrary file download and cross site scripting. | 6.9 |
| 2020-01-16 | CVE-2019-11998 | Improper Input Validation vulnerability in HPE Superdome Flex Server Firmware HPE Superdome Flex Server is vulnerable to multiple remote vulnerabilities via improper input validation of administrator commands. | 5.5 |
| 2019-11-14 | CVE-2019-11137 | Improper Input Validation vulnerability in multiple products Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. | 8.2 |
| 2019-11-14 | CVE-2019-11136 | Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. | 6.7 |
| 2019-11-07 | CVE-2019-11996 | Unspecified vulnerability in HPE Nimbleos Potential security vulnerabilities have been identified with HPE Nimble Storage systems in multi array group configurations. | 9.8 |
| 2019-06-05 | CVE-2019-11988 | Unspecified vulnerability in HPE Smart Update Manager A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager (SUM) earlier than version 8.3.5. | 9.8 |
| 2019-06-05 | CVE-2019-11987 | Unspecified vulnerability in HPE Smart Update Manager A security vulnerability in HPE Smart Update Manager (SUM) prior to v8.4 could allow local unauthorized elevation of privilege. | 7.8 |
| 2019-05-15 | CVE-2019-8936 | NULL Pointer Dereference vulnerability in multiple products NTP through 4.2.8p12 has a NULL Pointer Dereference. | 7.5 |
| 2019-02-04 | CVE-2019-7317 | Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. | 5.3 |