Filtered by vendor Hpe
Subscribe
Total
191 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-37158 | 1 Hpe | 1 Arubaos-cx | 2025-12-04 | N/A | 6.7 MEDIUM |
| A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution (RCE) on the affected system. | |||||
| CVE-2025-37159 | 1 Hpe | 1 Arubaos-cx | 2025-12-04 | N/A | 5.8 MEDIUM |
| A vulnerability in the web management interface of the AOS-CX OS user authentication service could allow an authenticated remote attacker to hijack an active user session. Successful exploitation may enable the attacker to maintain unauthorized access to the session, potentially leading to the view or modification of sensitive configuration data. | |||||
| CVE-2025-37160 | 1 Hpe | 1 Arubaos-cx | 2025-12-04 | N/A | 5.3 MEDIUM |
| A broken access control (BAC) vulnerability in the web-based management interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitation of this vulnerability could enable the attacker to disclose sensitive data. | |||||
| CVE-2002-20001 | 6 Balasys, F5, Hpe and 3 more | 49 Dheater, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 46 more | 2025-08-22 | 5.0 MEDIUM | 7.5 HIGH |
| The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE. | |||||
| CVE-2024-51770 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | N/A | 7.5 HIGH |
| An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. | |||||
| CVE-2024-51769 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | N/A | 7.5 HIGH |
| An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. | |||||
| CVE-2024-51768 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | N/A | 8.0 HIGH |
| An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. | |||||
| CVE-2024-51767 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | N/A | 7.3 HIGH |
| An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. | |||||
| CVE-2025-37107 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | N/A | 7.3 HIGH |
| An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18. | |||||
| CVE-2025-37106 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | N/A | 7.3 HIGH |
| An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18. | |||||
| CVE-2025-37105 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | N/A | 7.5 HIGH |
| An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18. | |||||
| CVE-2025-37097 | 1 Hpe | 1 Insight Remote Support | 2025-07-10 | N/A | 7.5 HIGH |
| A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an unauthenticated denial of service | |||||
| CVE-2025-37098 | 1 Hpe | 1 Insight Remote Support | 2025-07-10 | N/A | 7.5 HIGH |
| A path traversal vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646. | |||||
| CVE-2025-37099 | 1 Hpe | 1 Insight Remote Support | 2025-07-10 | N/A | 9.8 CRITICAL |
| A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646. | |||||
| CVE-2025-37095 | 1 Hpe | 1 Storeonce System | 2025-07-02 | N/A | 9.8 CRITICAL |
| A directory traversal information disclosure vulnerability exists in HPE StoreOnce Software. | |||||
| CVE-2025-37096 | 1 Hpe | 1 Storeonce System | 2025-07-02 | N/A | 9.8 CRITICAL |
| A command injection remote code execution vulnerability exists in HPE StoreOnce Software. | |||||
| CVE-2025-37089 | 1 Hpe | 1 Storeonce System | 2025-07-02 | N/A | 9.8 CRITICAL |
| A command injection remote code execution vulnerability exists in HPE StoreOnce Software. | |||||
| CVE-2025-37091 | 1 Hpe | 1 Storeonce System | 2025-07-02 | N/A | 7.2 HIGH |
| A command injection remote code execution vulnerability exists in HPE StoreOnce Software. | |||||
| CVE-2025-37090 | 1 Hpe | 1 Storeonce System | 2025-07-02 | N/A | 9.8 CRITICAL |
| A server-side request forgery vulnerability exists in HPE StoreOnce Software. | |||||
| CVE-2025-37092 | 1 Hpe | 1 Storeonce System | 2025-07-02 | N/A | 9.8 CRITICAL |
| A command injection remote code execution vulnerability exists in HPE StoreOnce Software. | |||||