CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-37933
https://notcve.org/view.php?id=CVE-2022-37933
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware 3.60.50 and below and Superdome Flex 280 servers firmware 1.40.60 and below. Se ha identificado una posible vulnerabilidad de seguridad en los servidores HPE Superdome Flex y Superdome Flex 280. La vulnerabilidad podría explotarse para permitir la inyección local de datos no autorizados. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04400en_us • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 0%CPEs: 38EXPL: 0CVE-2022-37932 – Hewlett Packard Enterprise OfficeConnect 1820 Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-37932
A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions: Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22; Se ha identificado una posible vulnerabilidad de seguridad en los conmutadores de red Hewlett Packard Enterprise OfficeConnect 1820, 1850 y 1920S. La vulnerabilidad podría explotarse de forma remota para permitir omitir la autenticación. HPE ha realizado las siguientes actualizaciones de software para resolver la vulnerabilidad en las versiones de los conmutadores de red Hewlett Packard Enterprise OfficeConnect 1820, 1850 y 1920S: anteriores a PT.02.14; Antes de PC.01.22; Antes de PO.01.21; Antes del PD.02.22; This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Hewlett Packard Enterprise OfficeConnect 1820 switches. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04383en_us •
CVSS: 6.4EPSS: 0%CPEs: 45EXPL: 0CVE-2021-46846
https://notcve.org/view.php?id=CVE-2021-46846
Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5. Vulnerabilidad de Cross-Site Scripting en Hewlett Packard Enterprise Integrated Lights-Out 5. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04133en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.0EPSS: 0%CPEs: 27EXPL: 0CVE-2022-37928
https://notcve.org/view.php?id=CVE-2022-37928
Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE Nimble Storage Hybrid Flash Arrays and Nimble Storage Secondary Flash Arrays. Vulnerabilidad de verificación insuficiente de autenticidad de datos en matrices flash híbridas de Hewlett Packard Enterprise HPE Nimble Storage y matrices flash secundarias de Nimble Storage. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04359en_us • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.7EPSS: 0%CPEs: 27EXPL: 0CVE-2022-37930
https://notcve.org/view.php?id=CVE-2022-37930
A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays and HPE Nimble Storage Secondary Flash Arrays which could potentially allow local disclosure of sensitive information. Se ha identificado una vulnerabilidad de seguridad en HPE Nimble Storage Hybrid Flash Arrays y en HPE Nimble Storage Secondary Flash Arrays que podría permitir la divulgación local de información confidencial. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst04361en_us •