| 2019-11-14 | CVE-2019-11136 | Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. | 6.7 |
| 2019-06-05 | CVE-2019-11987 | Unspecified vulnerability in HPE Smart Update Manager
A security vulnerability in HPE Smart Update Manager (SUM) prior to v8.4 could allow local unauthorized elevation of privilege. | 4.6 |
| 2019-01-17 | CVE-2018-20733 | XXE vulnerability in SAS web Infrastructure Platform 9.4
BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE. | 5.0 |
| 2019-01-17 | CVE-2015-9281 | Cross-site Scripting vulnerability in SAS web Infrastructure Platform 9.4
Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page. | 4.3 |
| 2018-10-17 | CVE-2018-7110 | Race Condition vulnerability in HPE Service Governance Framework 4.2/4.3
A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework (SGF) version 4.2, 4.3. | 4.3 |
| 2018-09-27 | CVE-2018-7108 | Improper Authentication vulnerability in HPE Storageworks XP7 Automation Director
HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to earlier than 8.6.1-00 has a local and remote authentication bypass vulnerability that exposed the user authentication information of the storage system. | 4.3 |
| 2018-09-27 | CVE-2018-7107 | SQL Injection vulnerability in HPE Device Entitlement Gateway 3.2.4/3.3/3.3.1
A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. | 6.5 |
| 2018-06-04 | CVE-2016-9042 | Improper Input Validation vulnerability in multiple products
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. | 5.9 |
| 2018-03-06 | CVE-2018-7185 | The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. | 5.0 |
| 2017-01-13 | CVE-2016-7434 | Improper Input Validation vulnerability in NTP 4.2.8/4.2.7
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query. | 4.3 |