Vulnerabilities > HPE > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-22441 | Improper Authentication vulnerability in HPE Cray Parallel Application Launch Service HPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass. | 9.8 |
| 2023-12-19 | CVE-2023-50272 | Unspecified vulnerability in HPE products A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 6 (iLO 6). | 9.8 |
| 2023-10-25 | CVE-2023-30912 | Unspecified vulnerability in HPE Oneview 8.30.01 A remote code execution issue exists in HPE OneView. | 9.8 |
| 2023-08-29 | CVE-2023-39268 | Out-of-bounds Write vulnerability in HPE Arubaos-Switch A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. | 9.8 |
| 2023-03-01 | CVE-2022-37936 | Deserialization of Untrusted Data vulnerability in HPE Serviceguard for Linux Unauthenticated Java deserialization vulnerability in Serviceguard Manager | 9.8 |
| 2023-03-01 | CVE-2022-37937 | Out-of-bounds Write vulnerability in HPE Serviceguard for Linux Pre-auth memory corruption in HPE Serviceguard | 9.8 |
| 2023-03-01 | CVE-2022-37938 | Server-Side Request Forgery (SSRF) vulnerability in HPE Serviceguard for Linux Unauthenticated server side request forgery in HPE Serviceguard Manager | 9.8 |
| 2022-12-12 | CVE-2022-37932 | Unspecified vulnerability in HPE products A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. | 9.8 |
| 2022-06-24 | CVE-2022-28620 | Unspecified vulnerability in HPE products A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27; All Slingshot versions prior to 1.7.2; All versions of node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27. | 9.8 |
| 2022-03-02 | CVE-2021-41000 | Command Injection vulnerability in HPE Arubaos-Cx Multiple authenticated remote code execution vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): AOS-CX 10.06.xxxx: 10.06.0170 and below, AOS-CX 10.07.xxxx: 10.07.0050 and below, AOS-CX 10.08.xxxx: 10.08.1030 and below. | 9.0 |