Vulnerabilities > HPE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-12 | CVE-2022-28635 | Unspecified vulnerability in HPE Integrated Lights-Out 5 Firmware 2.63 A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. | 7.4 |
| 2022-08-12 | CVE-2022-28636 | Unspecified vulnerability in HPE Integrated Lights-Out 5 Firmware 2.63 A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. | 7.4 |
| 2022-07-08 | CVE-2022-28623 | SQL Injection vulnerability in HPE Icewall SSO Certd 10.0 Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. | 9.8 |
| 2022-07-08 | CVE-2022-28624 | Cross-site Scripting vulnerability in HPE products A potential security vulnerability has been identified in certain HPE FlexNetwork and FlexFabric switch products. | 4.8 |
| 2022-06-28 | CVE-2022-28621 | Unspecified vulnerability in HPE Nonstop Distributed Systems Management / Software Configuration Manager T6031H03^Adp A remote disclosure of sensitive information vulnerability was discovered in HPE NonStop DSM/SCM version: T6031H03^ADP. | 7.5 |
| 2022-06-27 | CVE-2022-28622 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in HPE Storeonce 3640 Firmware 4.2.3/4.3.0 A potential security vulnerability has been identified in HPE StoreOnce Software. | 7.5 |
| 2022-06-24 | CVE-2022-28619 | Unspecified vulnerability in HPE Control Repository Manager A potential security vulnerability has been identified in the installer of HPE Version Control Repository Manager. | 7.8 |
| 2022-06-24 | CVE-2022-28620 | Unspecified vulnerability in HPE products A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27; All Slingshot versions prior to 1.7.2; All versions of node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27. | 9.8 |
| 2022-05-20 | CVE-2022-28618 | Command Injection vulnerability in HPE Nimbleos A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could allow an attacker to execute arbitrary commands on a Nimble appliance. | 9.8 |
| 2022-05-09 | CVE-2022-23705 | Unspecified vulnerability in HPE Nimbleos A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays which could potentially allow the upload, but not execution, of unauthorized update binaries to the array. | 7.5 |