| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2019-5406 |
1 Hp |
1 3par Storeserv Management Console |
2019-08-16 |
9.0 |
| A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. |
| CVE-2019-5407 |
1 Hp |
1 3par Storeserv Management Console |
2019-08-16 |
6.5 |
| A remote information disclosure vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. |
| CVE-2019-5402 |
1 Hp |
1 3par Storeserv Management Console |
2019-08-16 |
10.0 |
| A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. |
| CVE-2019-5403 |
1 Hp |
1 3par Storeserv Management Console |
2019-08-16 |
3.5 |
| A remote multiple cross-site scripting vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. |
| CVE-2019-5404 |
1 Hp |
1 3par Storeserv Management Console |
2019-08-16 |
8.7 |
| A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. |
| CVE-2019-5405 |
1 Hp |
1 3par Storeserv Management Console |
2019-08-16 |
5.0 |
| A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. |
| CVE-2016-5388 |
4 Hp, Apache, Oracle and 1 more |
11 Tomcat, Linux, Enterprise Linux Desktop and 8 more |
2019-08-13 |
5.1 |
| Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment... |
| CVE-2019-5401 |
1 Hp |
1 Hp2910al-48g Firmware |
2019-08-08 |
3.5 |
| A potential security vulnerability has been identified in HP2910al-48G version W.15.14.0016. The attack exploits an xss injection by setting the attack vector in one of the switch persistent configuration fields (management URL, location,... |
| CVE-2019-11989 |
1 Hp |
2 Icewall Sso Agent, Mfa Proxy |
2019-07-26 |
7.1 |
| A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for... |
| CVE-2019-3485 |
1 Hp |
1 Arcsight Logger |
2019-07-25 |
4.3 |
| Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1 |
| CVE-2019-11990 |
1 Hp |
1 Universal Internet Of Things |
2019-07-24 |
9.0 |
| Security vulnerabilities in HPE UIoT versions 1.6, 1.5, 1.4.2, 1.4.1, 1.4.0, and 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: * For customers with release UIoT 1.6, fixes... |
| CVE-2016-2008 |
1 Hp |
1 Data Protector |
2019-07-16 |
7.5 |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors. |
| CVE-2016-2007 |
1 Hp |
1 Data Protector |
2019-07-16 |
10.0 |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3354. |
| CVE-2016-2006 |
1 Hp |
1 Data Protector |
2019-07-16 |
10.0 |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353. |
| CVE-2016-2005 |
1 Hp |
1 Data Protector |
2019-07-16 |
10.0 |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352. |
| CVE-2016-2004 |
1 Hp |
1 Data Protector |
2019-07-12 |
9.3 |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for... |
| CVE-2019-6329 |
1 Hp |
1 Support Assistant |
2019-06-26 |
7.2 |
| HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328. |
| CVE-2019-6328 |
1 Hp |
1 Support Assistant |
2019-06-26 |
7.2 |
| HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6329. |
| CVE-2015-3196 |
7 Hp, Openssl, Oracle and 4 more |
13 Icewall Sso, Icewall Sso Agent Option, Vm Virtualbox and 10 more |
2019-06-13 |
4.3 |
| ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of... |
| CVE-2019-11983 |
1 Hp |
2 Integrated Lights-out 4 Firmware, Integrated Lights-out 5 Firmware |
2019-06-07 |
8.3 |
| A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39. |
