14 matches found
HPESBHF05006 rev.1 - Certain HPE ProLiant DL/ML/XD, Synergy, and Alletra Servers Using Certain Intel Processors, INTEL-SA-01401, UPLR1 - Intel Server Firmware Advisory, Local Denial of Service Vulnerability
Potential Security Impact: Local: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant Compute DL320 Gen12 - Prior to 1.6001-09-2026 HPE ProLiant Compute DL340 Gen12 - Prior to 1.6001-09-2026 HPE ProLiant Compute ML350 Gen12 - Prior to 1.6001-09-2026...
CVE-2020-7135
A potential security vulnerability has been identified in the disk drive firmware installers named Supplemental Update / Online ROM Flash Component on HPE servers running Linux. The vulnerable software is included in the HPE Service Pack for ProLiant SPP releases 2018.06.0, 2018.09.0, and...
HPESBHF04916 rev.2 - Certain HPE ProLiant DL/ML/XD, Synergy, Alletra, and Edgeline Servers Using Certain Intel Processors, INTEL-SA-01312, Intel TDX Module Advisory, Multiple Vulnerabilities
Potential Security Impact: Local: Disclosure of Information, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Alletra 4110 - Prior to 2.6008-07-2025 HPE Alletra 4120 - Prior to 2.6008-07-2025 HPE Alletra 4140 - Prior to 2.6008-07-2025 HPE ProLiant DL110...
HPESBHF04874 rev.1 - HPE DL/ML, MicroServer, Synergy, Apollo, XL and Edgeline Servers Using Intel Server Platform Services (SPS) Firmware, INTEL-SA-01209 - Intel PTT and SPS Advisory, Local Denial of Service Vulnerability
Potential Security Impact: Local: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL110 Gen10 Plus Telco server - Prior to SPSE504.04.04.702 HPE ProLiant DL360 Gen10 Plus server - Prior to SPSE504.04.04.702 HPE ProLiant DL380 Gen10 Plus server -...
CVE-2021-29204
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4; HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H versions: Pri...
Remote file inclusion
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4; HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H versions: Pri...
Buffer overflow
The Baseboard Management ControllerBMC in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spxrestservice startflashfunc function...
CVE-2020-7135
A potential security vulnerability has been identified in the disk drive firmware installers named Supplemental Update / Online ROM Flash Component on HPE servers running Linux. The vulnerable software is included in the HPE Service Pack for ProLiant SPP releases 2018.06.0, 2018.09.0, and...
Design/Logic Flaw
A potential security vulnerability has been identified in the disk drive firmware installers named Supplemental Update / Online ROM Flash Component on HPE servers running Linux. The vulnerable software is included in the HPE Service Pack for ProLiant SPP releases 2018.06.0, 2018.09.0, and...
HPESBHF03945 rev.1 - HPE Servers using Supplemental Update / Online ROM Flash Component for Linux, Local Execution of Arbitrary Code.
Potential Security Impact: Local: Execution of Arbitrary Code With Privilege Elevation SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Service Pack for ProLiant 2018.06.0, 2018.09.0, 2018.11.0 - Only applies to Linux firmware installer HPE SATA Read Intensive Solid State Drive...
HPESBHF03943 rev.1 - Certain HPE Servers using AMD EPYC 7001 series Processors, Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL385 Gen10 Server All versions prior to v1.44 6/24/2019 HPE ProLiant DL325 Gen10 Server All versions prior to v1.44 6/24/2019 CVSS Scores: | CVE | CVSS Vector ...
Cross site scripting
A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 iLO 4 earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 iLO 5 for Gen10 Servers earlier than version v1.39...
CVE-2018-7112
The CVE-2018-7112 flaw affects HPE ProLiant servers (Gen9/Gen8, G7, G6) via the Windows firmware installer and related system ROM/iLO components. Root cause: local disclosure of privileged information due to the HPE Windows firmware installer. Remediation: updated firmware installers released in ...
HPESBHF03874 rev.1 - Certain HPE Products using Intel-based Processors, L1 Terminal Fault (L1TF) Speculative Side-channel Vulnerabilities, Local Disclosure of Information
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL580 Gen10 Server - Prior to 1.4206-20-20184 Jul 2018 HPE ProLiant DL560 Gen10 Server - Prior to 1.4206-20-20184 Jul 2018 HPE ProLiant DL380 Gen10 Server - Pri...