hpe

187 tracked vulnerabilities.

CVE-2026-23818 HIGH
Open Redirect Vulnerability in HPE Aruba Networking Private 5G Core On-Prem
Apr 07, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-23817 MEDIUM
HPE AOS-CX Unauthenticated Open Redirect via Web Management Interface
Mar 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-23598 MEDIUM
HPE Aruba 5G Core - Info Disclosure
Feb 17, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-23597 MEDIUM
HPE Aruba 5G Core - Info Disclosure
Feb 17, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-23596 MEDIUM
Aruba Networking Private 5G Core 1.24.3.0-1.24.3.2 - Unauthenticated Denial of Service via Management API
Feb 17, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-23595 HIGH
HPE Aruba Networking Private 5G Core 1.24.3.0-1.24.3.2 - Unauthenticated Authentication Bypass via API
Feb 17, 2026
CVSS 8.8
EPSS 0.00
CVE-2025-37164 CRITICAL KEVNUCLEI
HPE OneView unauthenticated RCE
Dec 16, 2025
CVSS 10.0
EPSS 0.75
CVE-2025-37160 MEDIUM
ArubaOS-CX 10.10.0000-10.10.1169 - Authenticated Sensitive Information Exposure via Web Management Interface
Nov 18, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-37159 MEDIUM
ArubaOS-CX 10.10.0000-10.10.1169 - Authenticated Session Fixation
Nov 18, 2025
CVSS 5.8
EPSS 0.00
CVE-2025-37158 MEDIUM
ArubaOS-CX 10.10.0000-10.10.1169 - Authenticated Remote Code Execution via Command Injection
Nov 18, 2025
CVSS 6.7
EPSS 0.00
CVE-2025-37157 MEDIUM
ArubaOS-CX 10.10.0000-10.10.1169 - Authenticated Remote Code Execution via Command Injection
Nov 18, 2025
CVSS 6.7
EPSS 0.00
CVE-2025-37156 MEDIUM
ArubaOS-CX 10.10.0000-10.10.1169 - Authenticated Denial of Service via Platform-Level Code Execution
Nov 18, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-37155 HIGH
ArubaOS-CX 10.10.0000-10.10.1169 - Authenticated Privilege Escalation via SSH Restricted Shell
Nov 18, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-37107 HIGH
HPE AutoPass License Server < 9.18 - Authentication Bypass
Jul 16, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-37106 HIGH
HPE AutoPass License Server < 9.18 - Authentication Bypass and Information Disclosure
Jul 16, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-37105 HIGH
HPE AutoPass License Server < 9.18 - Remote Code Execution via HSQLDB
Jul 16, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-37099 CRITICAL
HPE Insight Remote Support < 7.15.0.646 - Remote Code Execution
Jul 01, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-37098 HIGH
HPE Insight Remote Support < 7.15.0.646 - Path Traversal
Jul 01, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-37097 HIGH
HPE Insight Remote Support < 7.15.0.646 - Unauthenticated Denial of Service
Jul 01, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-37096 CRITICAL
HPE StoreOnce System < 4.3.11 - Remote Code Execution via Command Injection
Jun 02, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-37095 CRITICAL
HPE StoreOnce System < 4.3.11 - Path Traversal
Jun 02, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-37094 MEDIUM
HPE StoreOnce System < 4.3.11 - Path Traversal and Arbitrary File Deletion
Jun 02, 2025
CVSS 5.5
EPSS 0.03
CVE-2025-37093 CRITICAL
HPE StoreOnce System < 4.3.11 - Authentication Bypass
Jun 02, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-37092 CRITICAL
HPE StoreOnce System < 4.3.11 - Remote Code Execution via Command Injection
Jun 02, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-37091 HIGH
HPE StoreOnce System < 4.3.11 - Remote Code Execution via Command Injection
Jun 02, 2025
CVSS 7.2
EPSS 0.01
Products
integrated_lights-out_5_firmware 17 cloudline_cl3100_gen10_server_firmware 16 cloudline_cl4100_gen10_server_firmware 16 cloudline_cl5200_gen9_server_firmware 16 cloudline_cl5800_gen10_server_firmware 16 cloudline_cl5800_gen9_server_firmware 16 arubaos-cx 14 baseboard_management_controller 14 insight_remote_support 9 storeonce_system 8 autopass_license_server 7 hpux-ntp 7 nimbleos 6 oneview_global_dashboard 6 aruba_networking_private_5g_core 5 superdome_flex_server_firmware 5 HPE System Management Homepage before v7.6 4 smart_update_manager 4 arubaos-switch 3 hf20_firmware 3 hf20c_firmware 3 hf20h_firmware 3 hf40_firmware 3 hf40c_firmware 3 hf60_firmware 3 hf60c_firmware 3 oneview 3 serviceguard_for_linux 3 sf100_firmware 3 sf300_firmware 3
Quick Filters
Critical CVEs With Exploits In CISA KEV