466 matches found
CVE-2022-23701
A potential remote host header injection security vulnerability has been identified in HPE Integrated Lights-Out 4 iLO 4 firmware versions: Prior to 2.60. This vulnerability could be remotely exploited to allow an attacker to supply invalid input to the iLO 4 webserver, causing it to respond with...
CVE-2022-23704
A potential security vulnerability has been identified in Integrated Lights-Out 4 iLO 4. The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 iLO 4 2.80 and later...
HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2021-29201)
"A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504414; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13"; scriptcveid"CVE-2021-29201";...
HP Integrated Lights-Out Denial of Service (CVE-2018-7093)
A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service. This plugin only works with...
HP Integrated Lights-Out Improper Input Validation (CVE-2016-4375)
Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 aka iLO 3 firmware before 1.88, Integrated Lights-Out 4 aka iLO 4 firmware before 2.44, and Integrated Lights-Out 4 aka iLO 4 mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause...
HP Integrated Lights-Out Buffer Copy without Checking Size of Input (CVE-2021-29202)
"A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504415; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13";...
HP Integrated Lights-Out Denial of Service (CVE-2015-5436)
A potential security vulnerability has been identified with HP Integrated Lights-Out 4 iLO 4 firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service DoS. Note this was originally published in 2015 however the CVE ent...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28626)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28638)
An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise h...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-23704)
A potential security vulnerability has been identified in Integrated Lights-Out 4 iLO 4. The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 iLO 4 2.80 and later. This plugin only works with Tenable.ot. Please visit...
HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2021-29205)
"A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504417; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13"; scriptcveid"CVE-2021-29205";...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28634)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and...
HP Integrated Lights-Out Denial of Service (CVE-2023-30911)
HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
HP Integrated Lights-Out Information Disclosure (CVE-2017-12543)
A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...
HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2021-29208)
"A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504425; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13";...
HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2023-28083)
A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 iLO 6, Integrated Lights-Out 5 iLO 5 and Integrated Lights-Out 4 iLO 4. HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out. This plugin only works with Tenable.ot...
HP Integrated Lights-Out Improper Input Validatio (CVE-2022-28629)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. A low privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availabilit...
HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2021-29211)
"A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504424; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13"; scriptcveid"CVE-2021-29211";...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28627)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability...
HP Integrated Lights-Out Denial of Service (CVE-2018-7101)
A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...