Hpe: Security Vulnerabilities
A command injection remote code execution vulnerability exists in HPE StoreOnce Software.
CVSS Score
7.5
EPSS Score
0.013
Published
2025-06-02
A vulnerability in the HPE Performance Cluster Manager (HPCM) GUI could allow an attacker to bypass authentication.
CVSS Score
8.1
EPSS Score
0.003
Published
2025-04-21
A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution.
CVSS Score
9.8
EPSS Score
0.513
Published
2024-11-27
A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code.
CVSS Score
8.1
EPSS Score
0.007
Published
2024-11-26
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
CVSS Score
7.3
EPSS Score
0.474
Published
2024-11-26
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
CVSS Score
7.3
EPSS Score
0.839
Published
2024-11-26
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
CVSS Score
7.3
EPSS Score
0.015
Published
2024-11-26
This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users.
CVSS Score
5.5
EPSS Score
0.002
Published
2024-10-18
HPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass.
CVSS Score
9.8
EPSS Score
0.005
Published
2024-06-13
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 6 (iLO 6). The vulnerability could be remotely exploited to allow authentication bypass.
CVSS Score
7.5
EPSS Score
0.006
Published
2023-12-19