CVSS: 9.7EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5396
https://notcve.org/view.php?id=CVE-2019-5396
A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. Se detectó una vulnerabilidad de omisión de autenticación remota en HPE 3PAR Service Processor versión(es): anteriores a 5.0.5.1. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03942en_us •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5395
https://notcve.org/view.php?id=CVE-2019-5395
A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. Se detectó una vulnerabilidad de carga de archivos arbitraria remota en HPE 3PAR Service Processor versión(es): anteriores a 5.0.5.1. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03942en_us • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5401
https://notcve.org/view.php?id=CVE-2019-5401
A potential security vulnerability has been identified in HP2910al-48G version W.15.14.0016. The attack exploits an xss injection by setting the attack vector in one of the switch persistent configuration fields (management URL, location, contact). But admin privileges are required to configure these fields thereby reducing the likelihood of exploit. HPE Aruba has provided firmware updates to resolve the vulnerability in HP 2910-48G al Switch. Please update to W.15.14.0017. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03944en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3486 – ArcSight Security Management Center stored cross site script issue in version prior to 2.9.1
https://notcve.org/view.php?id=CVE-2019-3486
Mitigates a stored cross site scripting issue in ArcSight Security Management Center versions prior to 2.9.1 Mitiga un problema de Cross-Site Scripting (XSS) persistente en ArcSight Security Management Center en versiones anteriores a la 2.9.1. • https://community.microfocus.com/t5/ArcSight-Management-Center-ArcMC/ArcSight-Management-Center-2-91-Release-Notes/ta-p/1790266?attachment-id=74671 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3485 – ArcSight Logger stored cross site script issue in version prior to 6.7.1
https://notcve.org/view.php?id=CVE-2019-3485
Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1 Mitiga un problema de Cross-Site Scripting (XSS) persistente en ArcSight Logger, en versiones anteriores a la 6.7.1. • http://www.securityfocus.com/bid/109363 https://community.microfocus.com/t5/Logger/Logger-Release-Notes-6-71/ta-p/1790256?attachment-id=75011 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •