CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23706
https://notcve.org/view.php?id=CVE-2022-23706
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. Se ha detectado una vulnerabilidad de tipo cross-site scripting (xss) remoto en HPE OneView versiones anteriores a 7.0. HPE ha proporcionado una actualización de software para resolver esta vulnerabilidad en HPE OneView • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04278en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28617
https://notcve.org/view.php?id=CVE-2022-28617
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView. Se ha detectado una vulnerabilidad de omisión remota de las restricciones de seguridad en HPE OneView versiones anteriores a 7.0. HPE ha proporcionado una actualización de software para resolver esta vulnerabilidad en HPE OneView • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04278en_us •
CVSS: 7.5EPSS: 0%CPEs: 59EXPL: 0CVE-2022-23704
https://notcve.org/view.php?id=CVE-2022-23704
A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later. Se ha identificado una posible vulnerabilidad de seguridad en Integrated Lights-Out 4 (iLO 4). La vulnerabilidad podría permitir una Denegación de Servicio remota. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04240en_us •
CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2022-27239
https://notcve.org/view.php?id=CVE-2022-27239
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. En cifs-utils versiones hasta 6.14, un desbordamiento del búfer en la región stack de la memoria cuando es analizado el argumento de línea de comandos mount.cifs ip= podría conllevar a que atacantes locales obtuvieran privilegios de root • http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba https://bugzilla.samba.org/show_bug.cgi?id=15025 https://bugzilla.suse.com/show_bug.cgi?id=1197216 https://github.com/piastry/cifs-utils/pull/7 https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765 https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY https://lists& • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23700
https://notcve.org/view.php?id=CVE-2022-23700
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView. Se ha detectado una vulnerabilidad de acceso de lectura local no autorizada a archivos en HPE OneView versión(es): Anteriores a 6.6. HPE ha proporcionado una actualización de software para resolver esta vulnerabilidad en HPE OneView • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04252en_us •