VYPR

Vendor CVEs

HPE

All CVEs

585 total · sorted by risk
  • CVE-2002-0812Aug 12, 2002
    risk 0.03cvss epss 0.03

    Information leak in Compaq WL310, and the Orinoco Residential Gateway access point it is based on, uses a system identification string as a default SNMP read/write community string, which allows remote attackers to obtain and modify sensitive configuration information by…

  • CVE-2000-0702Oct 20, 2000
    risk 0.03cvss epss 0.01

    The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.

  • CVE-2000-0468Jun 2, 2000
    risk 0.03cvss epss 0.01

    man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack.

  • CVE-1999-0050Dec 1, 1996
    risk 0.03cvss epss 0.01

    Buffer overflow in HP-UX newgrp program.

  • CVE-2024-53675Nov 26, 2024
    risk 0.02cvss epss 0.84

    An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.

  • CVE-2021-29212Nov 1, 2021
    risk 0.01cvss epss 0.13

    A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code leading complete impact to…

  • CVE-2021-25140Feb 9, 2021
    risk 0.01cvss epss 0.12

    A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500…

  • CVE-2021-25139Feb 9, 2021
    risk 0.01cvss epss 0.08

    A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500…

  • CVE-2020-7199Dec 2, 2020
    risk 0.01cvss epss 0.09

    A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands,…

  • CVE-2004-1332Dec 31, 2004
    risk 0.01cvss epss 0.10

    Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.

  • CVE-2026-23816Mar 11, 2026
    risk 0.00cvss epss 0.01

    A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.

  • CVE-2026-23600Mar 2, 2026
    risk 0.00cvss epss 0.01

    A remote authentication bypass vulnerability  exists in HPE AutoPass License Server (APLS).

  • CVE-2025-37107Jul 16, 2025
    risk 0.00cvss epss 0.00

    An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.

  • CVE-2025-37106Jul 16, 2025
    risk 0.00cvss epss 0.00

    An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.

  • CVE-2025-37105Jul 16, 2025
    risk 0.00cvss epss 0.01

    An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.

  • CVE-2024-51770Jul 14, 2025
    risk 0.00cvss epss 0.00

    An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.

  • CVE-2024-51769Jul 14, 2025
    risk 0.00cvss epss 0.00

    An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.

  • CVE-2024-51768Jul 14, 2025
    risk 0.00cvss epss 0.00

    An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.

  • CVE-2024-51767Jul 14, 2025
    risk 0.00cvss epss 0.01

    An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.

  • CVE-2025-37099Jul 1, 2025
    risk 0.00cvss epss 0.01

    A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646.

  • CVE-2025-37098Jul 1, 2025
    risk 0.00cvss epss 0.30

    A path traversal vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646.

  • CVE-2025-37097Jul 1, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an unauthenticated denial of service

  • CVE-2025-37096Jun 2, 2025
    risk 0.00cvss epss 0.01

    A command injection remote code execution vulnerability exists in HPE StoreOnce Software.

  • CVE-2025-37095Jun 2, 2025
    risk 0.00cvss epss 0.01

    A directory traversal information disclosure vulnerability exists in HPE StoreOnce Software.

  • CVE-2025-37094Jun 2, 2025
    risk 0.00cvss epss 0.01

    A directory traversal arbitrary file deletion vulnerability exists in HPE StoreOnce Software.

  • CVE-2025-37093Jun 2, 2025
    risk 0.00cvss epss 0.01

    An authentication bypass vulnerability exists in HPE StoreOnce Software.

  • CVE-2025-37092Jun 2, 2025
    risk 0.00cvss epss 0.01

    A command injection remote code execution vulnerability exists in HPE StoreOnce Software.

  • CVE-2025-37091Jun 2, 2025
    risk 0.00cvss epss 0.01

    A command injection remote code execution vulnerability exists in HPE StoreOnce Software.

  • CVE-2025-37090Jun 2, 2025
    risk 0.00cvss epss 0.01

    A server-side request forgery vulnerability exists in HPE StoreOnce Software.

  • CVE-2025-37089Jun 2, 2025
    risk 0.00cvss epss 0.01

    A command injection remote code execution vulnerability exists in HPE StoreOnce Software.

  • CVE-2025-27086Apr 21, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the HPE Performance Cluster Manager (HPCM) GUI could allow an attacker to bypass authentication.

  • CVE-2025-23053Jan 28, 2025
    risk 0.00cvss epss 0.00

    A privilege escalation vulnerability exists in the web-based management interface of HPE Aruba Networking Fabric Composer. Successful exploitation could allow an authenticated low privilege operator user to change the state of certain settings of a vulnerable system.

  • CVE-2025-23054Jan 28, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of HPE Aruba Networking Fabric Composer could allow an authenticated low privilege operator user to perform operations not allowed by their privilege level. Successful exploitation could allow an attacker to manipulate user…

  • CVE-2025-23057Jan 28, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the web management interface of HPE Aruba Networking Fabric Composer could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack. If successfully exploited, a threat actor could run arbitrary script code in a victim's web…

  • CVE-2025-23056Jan 28, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the web management interface of HPE Aruba Networking Fabric Composer could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack. If successfully exploited, a threat actor could run arbitrary script code in a victim's web…

  • CVE-2025-23055Jan 28, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the web management interface of HPE Aruba Networking Fabric Composer could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack. If successfully exploited, a threat actor could run arbitrary script code in a victim's web…

  • CVE-2024-51773Dec 3, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management interface could allow an authenticated remote Attacker to conduct a stored cross-site scripting (XSS) attack. Successful exploitation could enable a threat actor to perform any actions the…

  • CVE-2024-51771Dec 3, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management interface could allow an authenticated remote threat actor to conduct a remote code execution attack. Successful exploitation could enable the attacker to run arbitrary commands on the…

  • CVE-2024-53674Nov 26, 2024
    risk 0.00cvss epss 0.47

    An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.

  • CVE-2024-53673Nov 26, 2024
    risk 0.00cvss epss 0.01

    A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code.

  • CVE-2024-11622Nov 26, 2024
    risk 0.00cvss epss 0.02

    An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.

  • CVE-2024-41136Jul 24, 2024
    risk 0.00cvss epss 0.01

    An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying…

  • CVE-2024-22441Jun 13, 2024
    risk 0.00cvss epss 0.00

    HPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass.

  • CVE-2023-30912Oct 25, 2023
    risk 0.00cvss epss 0.01

    A remote code execution issue exists in HPE OneView.

  • CVE-2023-30910Oct 9, 2023
    risk 0.00cvss epss 0.00

    HPE MSA Controller prior to version IN210R004 could be remotely exploited to allow inconsistent interpretation of HTTP requests. 

  • CVE-2023-30909Sep 14, 2023
    risk 0.00cvss epss 0.01

    A remote authentication bypass issue exists in some OneView APIs.

  • CVE-2023-30908Sep 7, 2023
    risk 0.00cvss epss 0.01

    A remote authentication bypass issue exists in a OneView API.

  • CVE-2023-38402Aug 15, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting…

  • CVE-2023-38401Aug 15, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.

  • CVE-2023-30904Jun 16, 2023
    risk 0.00cvss epss 0.00

    A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information.

Page 8 of 12