Shodan
Vulnerabilities
Vulnerable Software
Hpe:  Security Vulnerabilities
CVE-2019-8936
NTP through 4.2.8p12 has a NULL Pointer Dereference.
CVSS Score
7.5
EPSS Score
0.057
Published
2019-05-15
CVE-2019-7317
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVSS Score
5.3
EPSS Score
0.094
Published
2019-02-04
CVE-2015-9281
Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page.
CVSS Score
6.1
EPSS Score
0.006
Published
2019-01-17
CVE-2018-20732
SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant.
CVSS Score
9.8
EPSS Score
0.04
Published
2019-01-17
CVE-2018-20733
BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE.
CVSS Score
7.5
EPSS Score
0.011
Published
2019-01-17
CVE-2018-7110
A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework (SGF) version 4.2, 4.3. A race condition under high load in SGF exists where SGF transferred different parameter to the enabler.
CVSS Score
5.9
EPSS Score
0.007
Published
2018-10-17
CVE-2018-7107
A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. The vulnerability could be remotely exploited to allow local SQL injection and elevation of privilege.
CVSS Score
8.8
EPSS Score
0.009
Published
2018-09-27
CVE-2018-7108
HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to earlier than 8.6.1-00 has a local and remote authentication bypass vulnerability that exposed the user authentication information of the storage system. This problem sometimes occurred under specific conditions when running a service template.
CVSS Score
5.9
EPSS Score
0.025
Published
2018-09-27
CVE-2018-7094
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-5.0.0.0-22913(GA). The vulnerability may be exploited locally to allow disclosure of privileged information.
CVSS Score
5.5
EPSS Score
0.004
Published
2018-08-14
CVE-2017-9003
Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed.
CVSS Score
7.5
EPSS Score
0.036
Published
2018-08-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved