CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2018-7116
https://notcve.org/view.php?id=CVE-2018-7116
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote denial of service via dbman Opcode 10003 'Filename'. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions. HPE Intelligent Management Center (IMC) en versiones anteriores a IMC PLAT 7.3 (E0605P06) es vulnerable a una denegación de servicio (DoS) remota mediante dbman Opcode 10003 "Filename". El problema se ha resuelto en IMC PLAT 7.3 E0605P06 o en versiones posteriores. • http://www.securityfocus.com/bid/106211 http://www.securitytracker.com/id/1042182 https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2018-7113
https://notcve.org/view.php?id=CVE-2018-7113
A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) prior to v1.37 could be locally exploited to bypass the security restrictions for firmware updates. Una vulnerabilidad de seguridad en HPE Integrated Lights-Out 5 (iLO 5) en versiones anteriores a la v1.37 podría explotarse localmente para omitir las restricciones de seguridad para las actualizaciones de firmware. • http://www.securitytracker.com/id/1042010 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03894en_us •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2018-7111
https://notcve.org/view.php?id=CVE-2018-7111
A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Specifically, there is a malfunction identified in some section of the DSM portal and some DSM APIs. The impact of the malfunction is that the info can be changed by other users. Se ha identificado una vulnerabilidad de acceso remoto no autorizado en HPE UIoT en versiones 1.5, 1.4.0, 1.4.1, 1.4.2 y 1.2.4.2. Específicamente, hay un mal funcionamiento identificado en algunas secciones del portal DSM y algunas API DSM. • http://www.securityfocus.com/bid/105704 https://exchange.xforce.ibmcloud.com/vulnerabilities/151691 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03891en_us •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2018-7076
https://notcve.org/view.php?id=CVE-2018-7076
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04. Se ha identificado una vulnerabilidad de ejecución remota de código en HPE Intelligent Management Center (iMC) en versiones anteriores a la PLAT 7.3 E0605P04. • https://exchange.xforce.ibmcloud.com/vulnerabilities/151693 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03901en_us • CWE-287: Improper Authentication •
CVSS: 3.4EPSS: 0%CPEs: 30EXPL: 0CVE-2018-3136 – OpenJDK: Incorrect handling of unsigned attributes in signed Jar manifests (Security, 8194534)
https://notcve.org/view.php?id=CVE-2018-3136
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/105601 http://www.securitytracker.com/id/1041889 https://access.redhat.com/errata/RHSA-2018:2942 https://access.redhat.com/errata/RHSA-2018:2943 https://access.redhat.com/errata/RHSA-2018:3000 https://access.redhat.com/errata/RHSA-2018:3001 https://access.redhat.com/errata/RHSA-2018:3002 https://access.redhat.com/errata/RHSA-2018:3003 https://access.redhat.com/errata/ • CWE-347: Improper Verification of Cryptographic Signature •