Filtered by vendor Hp
Subscribe
Total
2279 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4761 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2021-01-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 188895. | |||||
| CVE-2019-4728 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2021-01-07 | 9.0 HIGH | 8.8 HIGH |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with SYSTEM privileges. IBM X-Force ID: 172452. | |||||
| CVE-2020-7201 | 1 Hp | 4 Storeever 1\/8 G2 Tape Autoloader, Storeever 1\/8 G2 Tape Autoloader Firmware, Storeever Msl2024 and 1 more | 2020-12-22 | 6.8 MEDIUM | 8.8 HIGH |
| A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders. The vulnerability could be remotely exploited to allow Cross-site Request Forgery (CSRF). | |||||
| CVE-2020-7203 | 1 Hp | 1 Ilo Amplifier Pack | 2020-12-21 | 7.5 HIGH | 9.8 CRITICAL |
| A potential security vulnerability has been identified in HPE iLO Amplifier Pack server version 1.70. The vulnerability could be exploited to allow remote code execution. | |||||
| CVE-2020-4657 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2020-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186094. | |||||
| CVE-2020-4658 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2020-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Sterling File Gateway 2.2.0.0 through 6.0.3.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186095. | |||||
| CVE-2019-4738 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2020-12-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system. IBM X-Force ID: 172753. | |||||
| CVE-2020-7199 | 1 Hp | 1 Edgeline Infrastructure Manager | 2020-12-04 | 10.0 HIGH | 9.8 CRITICAL |
| A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration. | |||||
| CVE-2020-4937 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2020-12-02 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 191814. | |||||
| CVE-2020-7197 | 1 Hp | 1 Storeserv Management Console | 2020-11-16 | 7.5 HIGH | 9.8 CRITICAL |
| SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* Upgrade to HPE 3PAR StoreServ Management Console 3.7.1.1 or later. | |||||
| CVE-2013-6335 | 4 Hp, Ibm, Linux and 1 more | 5 Hp-ux, Aix, Tivoli Storage Manager and 2 more | 2020-10-29 | 3.3 LOW | N/A |
| The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations. | |||||
| CVE-2019-3683 | 2 Hp, Suse | 3 Helion Openstack, Keystone-json-assignment, Openstack Cloud | 2020-10-22 | 6.5 MEDIUM | 8.8 HIGH |
| The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations. | |||||
| CVE-2020-7141 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 10.0 HIGH | 9.8 CRITICAL |
| A adddevicetoview expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7142 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 10.0 HIGH | 9.8 CRITICAL |
| A eventinfo_content expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7143 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 10.0 HIGH | 9.8 CRITICAL |
| A faultdevparasset expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7145 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 10.0 HIGH | 9.8 CRITICAL |
| A chooseperfview expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7144 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 10.0 HIGH | 9.8 CRITICAL |
| A comparefilesresult expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7146 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 10.0 HIGH | 9.8 CRITICAL |
| A devgroupselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7147 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 10.0 HIGH | 9.8 CRITICAL |
| A deployselectbootrom expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||
| CVE-2020-7148 | 1 Hp | 1 Intelligent Management Center | 2020-10-21 | 10.0 HIGH | 9.8 CRITICAL |
| A deployselectsoftware expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | |||||