CVSS: 8.3EPSS: 0%CPEs: 39EXPL: 0CVE-2019-11983
https://notcve.org/view.php?id=CVE-2019-11983
05 Jun 2019 — A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39. Fue encontrada una vulnerabilidad de desbordamiento de búfer remoto en HPE Integrated Lights-Out 4 (iLO 4) anterior a versión 2.61b para servidores Gen9 e Integrated Lights-Out 5 (iLO 5) para servidores Gen10 anteriores a la versión versión 1.39. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03917en_us • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.3EPSS: 0%CPEs: 39EXPL: 0CVE-2019-11982
https://notcve.org/view.php?id=CVE-2019-11982
05 Jun 2019 — A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39. Fue encontrada una vulnerabilidad de tipo cross site scripting remota en HPE Integrated Lights-Out 4 (iLO 4) anterior a la versión 2.61b para servidores Gen9 e Integrated Lights-Out 5 (iLO 5) para servidores Gen10 anteriores a la versión 1.39. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03917en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 205EXPL: 0CVE-2018-7112
https://notcve.org/view.php?id=CVE-2018-7112
03 Dec 2018 — The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in ... • http://www.securitytracker.com/id/1041984 •
CVSS: 7.5EPSS: 4%CPEs: 17EXPL: 0CVE-2018-7101
https://notcve.org/view.php?id=CVE-2018-7101
27 Sep 2018 — A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30. Se ha identificado una potencial vulnerabilidad de seguridad de denegación de servicio (DoS) remoto en HPE Integrated Lights Out 4 en versiones anteriores a la v2.60 e iLO 5 para servidores Gen 10 en versiones anteriores a la v1.30. • http://www.securitytracker.com/id/1041488 •
CVSS: 9.0EPSS: 1%CPEs: 6EXPL: 0CVE-2018-7105
https://notcve.org/view.php?id=CVE-2018-7105
27 Sep 2018 — A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information. Podría explotarse remotamente una vulnerabilidad de seguridad en HPE Integrated Lights-Out 5 (iLO 5) para servidores HPE Gen10 en versiones anteriores a la v1.35, HPE Integrated Lights-Out 4 (iLO 4) en versiones ant... • http://www.securityfocus.com/bid/105425 •
CVSS: 8.6EPSS: 4%CPEs: 7EXPL: 0CVE-2018-7093
https://notcve.org/view.php?id=CVE-2018-7093
14 Aug 2018 — A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service. Una vulnerabilidad de seguridad en HPE Integrated Lights-Out 3 en versiones anteriores a la v1.90, iLO 4 en versiones anteriores a la v2.60, iLO 5 en versiones anteriores a la v1.30, Moonshot Chassis Manager con firmware en versiones anteriores... • http://www.securitytracker.com/id/1041435 •
CVSS: 9.0EPSS: 3%CPEs: 3EXPL: 0CVE-2018-7078
https://notcve.org/view.php?id=CVE-2018-7078
06 Aug 2018 — A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30. Se ha identificado una ejecución remota de código en HPE Integrated Lights-Out 4 (iLO 4) anteriores a la v2.60 y HPE Integrated Lights-Out 5 (iLO 5) anteriores a la v1.30. • http://www.securitytracker.com/id/1041188 •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-12543 – HPE Security Bulletin HPESBHF03705 4
https://notcve.org/view.php?id=CVE-2017-12543
16 Nov 2017 — A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found. Se ha encontrado una vulnerabilidad de divulgación remota de información en Moonshot Remote Console Administrator en versiones anteriores a la 2.50; iLO 4 en versiones anteriores a la v2.53, iLO3 en versiones anteriores a la v1.89 y iLO2 en versiones anteriores a la v2.30. A potential security vulnerability has been identified in... • http://www.securityfocus.com/bid/101944 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 94%CPEs: 2EXPL: 5CVE-2017-12542 – HPE iLO 4 < 2.53 - Add New Administrator User
https://notcve.org/view.php?id=CVE-2017-12542
24 Aug 2017 — A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found. Se ha encontrado una vulnerabilidad de omisión de autenticación y ejecución de código en HPE Integrated Lights-out 4 (iLO 4) en versiones anteriores a la 2.53. A potential security vulnerability has been identified in HPE Integrated Lights-out (iLO 4). The vulnerability could be exploited remotely to allow authentication bypass and execution of code. Revision 1 of this advisory... • https://packetstorm.news/files/id/180903 •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4406 – HP Security Bulletin HPSBHF03675 1
https://notcve.org/view.php?id=CVE-2016-4406
20 Nov 2016 — A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44. Se ha identificado una vulnerabilidad remota de Cross-Site Scripting (XSS) en iLO 3 en todas las versiones anteriores a la v1.88 y HPE iLO 4 en todas las versiones anteriores a la v2.44. A potential security vulnerability was addressed by HPE Integrated Lights-Out 3 and 4. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of... • http://www.securityfocus.com/bid/94426 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •