12 matches found
HP Integrated Lights-Out Information Disclosure (CVE-2018-7112)
The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which...
EUVD-2018-18855
Malware in sbrugna...
HPESBHF04896 rev.1 - Certain HPE SimpliVity Servers Using Certain AMD EPYC Processors, AMD-SB-7029: AMD Transient Scheduler Attacks, Multiple Vulnerabilities
Potential Security Impact: Local: Disclosure of Privileged Information, Disclosure of Sensitive Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 325 Gen10 Plus - Prior to Gen10 Support Pack SVTSPGen10 v20250630 HPE SimpliVity 325 Gen11 - Prior to Gen11...
CVE-2024-37137
Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky Implementation vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to privileged information disclosure...
HPESBST04254 rev.1 - HPE Fibre Channel and SAN Switches with Brocade Fabric OS (FOS) Prior to v8.0.1b and v7.4.1d, Disclosure of Privileged Information
Potential Security Impact: Remote: Disclosure of Privileged Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE B-series SN6000B Fibre Channel Switch -Prior to v8.0.1b HPE B-series SN3600B Fibre Channel Switch -Prior to v8.0.1b HPE B-series SN4000B SAN Extension Switch...
CVE-2018-18593
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. T...
CVE-2018-7099
A security vulnerability was identified in 3PAR Service Processor SP prior to SP-4.4.0.GA-110MU7. The vulnerability may be locally exploited to allow disclosure of privileged information...
Security feature bypass
A security vulnerability was identified in 3PAR Service Processor SP prior to SP-4.4.0.GA-110MU7. The vulnerability may be locally exploited to allow disclosure of privileged information...
Security feature bypass
A security vulnerability was identified in 3PAR Service Processor SP prior to SP-5.0.0.0-22913GA. The vulnerability may be exploited locally to allow disclosure of privileged information...
PicketBox/JBossSX: Unauthorized access to and modification of application server configuration and state by application
It was identified that PicketBox/JBossSX allowed any deployed application to alter or read the underlying application server configuration and state without any authorization checks. An attacker able to deploy applications could use this flaw to circumvent security constraints applied to other...
SAP Business Connector 4.6/4.7 chopSAPLog.dsp fullName Variable Arbitrary File Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/16668/info SAP Business Connector is prone to a file-access/deletion vulnerability. This issue arises due to an access-validation error. A successful attack will result in the disclosure of sensitive or privileged...
SAP Business Connector 4.64.7 - deleteSingle?fullName Arbitrary File Deletion
SAP Business Connector 4.64.7 - deleteSingle?fullName Arbitrary File Deletion source: https://www.securityfocus.com/bid/16668/info SAP Business Connector is prone to a file-access/deletion vulnerability. This issue arises due to an access-validation error. A successful attack will result in the...