Vulnerabilities > HPE > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2021-29217 | Open Redirect vulnerability in HPE Oneview Global Dashboard A remote URL redirection vulnerability was discovered in HPE OneView Global Dashboard version(s): Prior to 2.5. | 5.8 |
| 2022-02-24 | CVE-2022-23701 | Injection vulnerability in HPE Integrated Lights-Out A potential remote host header injection security vulnerability has been identified in HPE Integrated Lights-Out 4 (iLO 4) firmware version(s): Prior to 2.60. | 5.0 |
| 2022-02-04 | CVE-2021-29218 | Unquoted Search Path or Element vulnerability in HPE products A local unquoted search path security vulnerability has been identified in HPE Agentless Management Service for Windows version(s): Prior to 1.44.0.0, 10.96.0.0. | 4.6 |
| 2022-02-04 | CVE-2021-29219 | Classic Buffer Overflow vulnerability in HPE products A potential local buffer overflow vulnerability has been identified in HPE FlexNetwork 5130 EL Switch Series version: Prior to 5130_EI_7.10.R3507P02. | 4.6 |
| 2021-10-19 | CVE-2021-26589 | Incorrect Permission Assignment for Critical Resource vulnerability in HPE products A potential security vulnerability has been identified in HPE Superdome Flex Servers. | 4.3 |
| 2021-09-27 | CVE-2021-26587 | Cross-site Scripting vulnerability in HPE products A potential DOM-based Cross Site Scripting security vulnerability has been identified in HPE StoreOnce. | 6.0 |
| 2021-04-01 | CVE-2021-26581 | Unspecified vulnerability in HPE Superdome Flex Server Firmware 3.20.186/3.20.206/3.25.46 A potential security vulnerability has been identified in HPE Superdome Flex server. | 4.0 |
| 2021-04-01 | CVE-2021-26580 | Cross-site Scripting vulnerability in HPE Integrated Lights-Out Amplifier 1.80 A potential security vulnerability has been identified in HPE iLO Amplifier Pack. | 4.3 |
| 2021-03-22 | CVE-2021-26578 | SQL Injection vulnerability in HPE Network Orchestrator A potential security vulnerability has been identified in HPE Network Orchestrator (NetO) version(s): Prior to 2.5. | 5.0 |
| 2021-02-09 | CVE-2021-22267 | Authentication Bypass by Capture-replay vulnerability in HPE web Viewpoint Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows a remote replay attack for T0320L01^ABP through T0320L01^ABZ, T0952L01^AAH through T0952L01^AAR, T0986L01 through T0986L01^AAF, T0665L01^AAP, and T0662L01^AAP (L) and T0320H01^ABO through T0320H01^ABY, T0952H01^AAG through T0952H01^AAQ, T0986H01 through T0986H01^AAE, T0665H01^AAO, and T0662H01^AAO (J and H). | 4.3 |