Hp: Security Vulnerabilities
There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS Score
9.8
EPSS Score
0.014
Published
2024-05-14
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS Score
9.8
EPSS Score
0.014
Published
2024-05-14
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 federated server is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 283813.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-04-03
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT.
CVSS Score
6.8
EPSS Score
0.001
Published
2024-04-03
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD is vulnerable to a denial-of-service attack due to an error within the MQ clustering logic. IBM X-Force ID: 268066.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-03-20
HPE OneView may have a missing passphrase during restore.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-01-23
HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-01-23
HPE OneView may allow command injection with local privilege escalation.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-01-23
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server)
10.5, 11.1 and 11.5
could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-01-22
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272646.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-01-22