Hp: Security Vulnerabilities
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS.
CVSS Score
7.2
EPSS Score
0.004
Published
2023-09-05
Aruba AirWave before 8.0.7 allows XSS attacks agsinat an administrator.
CVSS Score
6.1
EPSS Score
0.008
Published
2023-09-05
Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-09-05
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23,
before 09-66-17,
before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W
, before 09-66-/Q
; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.
CVSS Score
5.3
EPSS Score
0.002
Published
2023-08-29
IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-08-22
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.
CVSS Score
7.3
EPSS Score
0.001
Published
2023-08-16
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-08-15
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-08-15
IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 262905.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-14
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS Score
9.8
EPSS Score
0.009
Published
2023-07-25