ReportizFlow
Filtered by vendor Hpe
Subscriptions
Total
203 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-20001 | 6 Balasys, F5, Hpe and 3 more | 49 Dheater, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 46 more | 2025-08-22 | 7.5 High |
| The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE. | ||||
| CVE-2025-37109 | 1 Hpe | 1 Telco Service Activator | 2025-08-04 | 3.5 Low |
| Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product | ||||
| CVE-2025-37110 | 1 Hpe | 1 Telco Network Function Virtual Orchestrator | 2025-08-04 | 6 Medium |
| A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information. | ||||
| CVE-2025-37111 | 1 Hpe | 1 Telco Network Function Virtual Orchestrator | 2025-08-04 | 6 Medium |
| A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information. | ||||
| CVE-2025-37108 | 1 Hpe | 1 Telco Service Activator | 2025-08-04 | 3.5 Low |
| Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product | ||||
| CVE-2025-37112 | 1 Hpe | 1 Telco Network Function Virtual Orchestrator | 2025-08-04 | 6 Medium |
| A vulnerability was discovered in the storage policy for certain sets of encryption keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information. | ||||
| CVE-2017-5689 | 3 Hpe, Intel, Siemens | 71 Proliant Ml10 Gen9 Server, Proliant Ml10 Gen9 Server Firmware, Active Management Technology Firmware and 68 more | 2025-07-30 | 9.8 Critical |
| An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT). | ||||
| CVE-2024-51770 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | 7.5 High |
| An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. | ||||
| CVE-2024-51769 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | 7.5 High |
| An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. | ||||
| CVE-2024-51768 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | 8 High |
| An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. | ||||
| CVE-2024-51767 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | 7.3 High |
| An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. | ||||
| CVE-2025-37107 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | 7.3 High |
| An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18. | ||||
| CVE-2025-37106 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | 7.3 High |
| An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18. | ||||
| CVE-2025-37105 | 1 Hpe | 1 Autopass License Server | 2025-07-25 | 7.5 High |
| An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18. | ||||
| CVE-2025-37099 | 1 Hpe | 1 Insight Remote Support | 2025-07-18 | 9.8 Critical |
| A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646. | ||||
| CVE-2025-37097 | 1 Hpe | 1 Insight Remote Support | 2025-07-10 | 7.5 High |
| A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an unauthenticated denial of service | ||||
| CVE-2025-37098 | 1 Hpe | 1 Insight Remote Support | 2025-07-10 | 7.5 High |
| A path traversal vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646. | ||||
| CVE-2025-37095 | 1 Hpe | 1 Storeonce System | 2025-07-02 | 9.8 Critical |
| A directory traversal information disclosure vulnerability exists in HPE StoreOnce Software. | ||||
| CVE-2025-37096 | 1 Hpe | 1 Storeonce System | 2025-07-02 | 9.8 Critical |
| A command injection remote code execution vulnerability exists in HPE StoreOnce Software. | ||||
| CVE-2025-37089 | 1 Hpe | 1 Storeonce System | 2025-07-02 | 9.8 Critical |
| A command injection remote code execution vulnerability exists in HPE StoreOnce Software. | ||||