hpe

187 tracked vulnerabilities.

CVE-2025-37090 CRITICAL
HPE StoreOnce System < 4.3.11 - Server-Side Request Forgery
Jun 02, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-37089 CRITICAL
HPE StoreOnce System < 4.3.11 - Remote Code Execution via Command Injection
Jun 02, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-27086 HIGH
HPE Performance Cluster Manager - Auth Bypass
Apr 21, 2025
CVSS 8.1
EPSS 0.00
CVE-2024-51770 HIGH
HPE AutoPass License Server <9.17 - Info Disclosure
Jul 14, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-51769 HIGH
HPE AutoPass License Server <9.17 - Info Disclosure
Jul 14, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-51768 HIGH
HPE AutoPass License Server <9.17 - RCE
Jul 14, 2025
CVSS 8.0
EPSS 0.01
CVE-2024-51767 HIGH
HPE AutoPass License Server <9.17 - Auth Bypass
Jul 14, 2025
CVSS 7.3
EPSS 0.00
CVE-2024-53676 CRITICAL
HPE Insight Remote Support < 7.14.0.629 - Directory Traversal and Remote Code Execution
Nov 27, 2024
CVSS 9.8
EPSS 0.79
CVE-2024-53675 HIGH
HPE Insight Remote Support < 7.14.0.629 - XML External Entity Injection
Nov 26, 2024
CVSS 7.3
EPSS 0.25
CVE-2024-53674 HIGH
HPE Insight Remote Support < 7.14.0.629 - XML External Entity Injection
Nov 26, 2024
CVSS 7.3
EPSS 0.02
CVE-2024-53673 HIGH
HPE Insight Remote Support < 7.14.0.629 - Unauthenticated Remote Code Execution via Java Deserialization
Nov 26, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-11622 HIGH
HPE Insight Remote Support - Info Disclosure
Nov 26, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-42508 MEDIUM
HPE OneView <= 9.20.00 - Information Disclosure
Oct 18, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-22441 CRITICAL
HPE Cray Parallel Application Launch Service 1.0.0-1.2.13 - Authentication Bypass
Jun 13, 2024
CVSS 9.8
EPSS 0.00
CVE-2023-50272 HIGH
HPE Integrated Lights-Out 5 2.63-3.00 and iLO 6 1.05-1.55 - Authentication Bypass
Dec 19, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-30912 HIGH
HPE OneView < 8.60.00 - Remote Code Execution
Oct 25, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-30911 MEDIUM
HPE Integrated Lights-Out 5 < 2.98 and 6 < 1.53 - Denial of Service via iLOrest
Oct 18, 2023
CVSS 6.8
EPSS 0.00
CVE-2023-30910 MEDIUM
HPE MSA 1060/2060/2062 Storage Firmware < IN210R004 - HTTP Request Smuggling
Oct 09, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-39268 MEDIUM
ArubaOS-Switch < a.15.16.0026 - Unauthenticated Remote Code Execution via Memory Corruption
Aug 29, 2023
CVSS 4.5
EPSS 0.00
CVE-2023-39267 MEDIUM
ArubaOS-Switch < a.15.16.0026 - Authenticated Remote Code Execution via Command Line Interface
Aug 29, 2023
CVSS 6.6
EPSS 0.00
CVE-2023-39266 HIGH
ArubaOS-Switch < a.15.16.0026 - Unauthenticated Stored Cross-Site Scripting in Web Management Interface
Aug 29, 2023
CVSS 8.3
EPSS 0.00
CVE-2023-3718 HIGH
ArubaOS-CX 10.10.0000-10.10.1049 - Authenticated Command Injection via CLI
Aug 01, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-30906 HIGH
HPE Intelligent Provisioning < 2.87 - Local Privilege Escalation
Jul 18, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-30905 HIGH
HPE SGI UV300 and Integrity MC990 X RMC Firmware < 1.2.7 - Incorrect Default Permissions
Jun 16, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-30904 MEDIUM
HPE Insight Remote Support 7.12-7.12.0.545 - Use of Hard-coded Credentials
Jun 16, 2023
CVSS 5.5
EPSS 0.00
Products
integrated_lights-out_5_firmware 17 cloudline_cl3100_gen10_server_firmware 16 cloudline_cl4100_gen10_server_firmware 16 cloudline_cl5200_gen9_server_firmware 16 cloudline_cl5800_gen10_server_firmware 16 cloudline_cl5800_gen9_server_firmware 16 arubaos-cx 14 baseboard_management_controller 14 insight_remote_support 9 storeonce_system 8 autopass_license_server 7 hpux-ntp 7 nimbleos 6 oneview_global_dashboard 6 aruba_networking_private_5g_core 5 superdome_flex_server_firmware 5 HPE System Management Homepage before v7.6 4 smart_update_manager 4 arubaos-switch 3 hf20_firmware 3 hf20c_firmware 3 hf20h_firmware 3 hf40_firmware 3 hf40c_firmware 3 hf60_firmware 3 hf60c_firmware 3 oneview 3 serviceguard_for_linux 3 sf100_firmware 3 sf300_firmware 3
Quick Filters
Critical CVEs With Exploits In CISA KEV