HP Integrated Lights-Out Improper Input Validation (CVE-2022-28635)

A potential local arbitrary code execution and a local denial of service DoS vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to potentially execute arbitra...

HP Integrated Lights-Out Authentication Bypass Using an Alternate Path or Channel (CVE-2018-7113)

A security vulnerability in HPE Integrated Lights-Out 5 iLO 5 prior to v1.37 could be locally exploited to bypass the security restrictions for firmware updates. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2021-29206)

"A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504401; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13"; scriptcveid"CVE-2021-29206";...

HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2018-7117)

A remote Cross-Site Scripting in HPE iLO 5 Web User Interface vulnerability was identified in HPE Integrated Lights-Out 5 iLO 5 for Gen10 ProLiant Servers earlier than version v1.40. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28640)

A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability was discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated...

HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2019-11982)

A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 iLO 4 earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 iLO 5 for Gen10 Servers earlier than version v1.39. This plugin only works with Tenable.ot. Please visit...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28633)

A local disclosure of sensitive information and a local unauthorized data modification vulnerability were discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to read and write to the iLO 5 firmware file...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28632)

A potential arbitrary code execution and a denial of service DoS vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could exploit this vulnerability in an adjacent network to potentially execute...

EUVD-2013-4650

Malware in sbrugna...

kernel security, bug fix, and enhancement update

4.18.0-425.3.1.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

CVE-2022-28638

An isolated local disclosure of information and potential isolated local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise h...

HP iLO 3 < 1.93 / HP iLO 4 < 2.75 / HP iLO Superdome 4 < 1.64 / HP iLO 5 < 2.18 / HP Moonshot/Edgeline iLO 5 < 2.30 Ripple20 Multiple vulnerabilities

Multiple security vulnerabilities have been identified in Integrated Lights-Out firmware generation 3 iLO 3 prior to version 1.93, generation 4 iLO 4 prior to version 2.75, and generation 5 iLO 5 prior to version 2.18. Superdome generation 4 versions prior to 1.64 and Moonshot/Edgeline generation...

CVE-2020-7206

HP nagios plugin for iLO nagios-plugins-hpilo v1.50 and earlier has a php code injection vulnerability...

CVE-2020-7206

HP nagios plugin for iLO nagios-plugins-hpilo v1.50 and earlier has a php code injection vulnerability...

http-hp-ilo-info NSE Script

Attempts to extract information from HP iLO boards including versions and addresses. HP iLO boards have an unauthenticated info disclosure at ip/xmldata?item=all. It lists board informations such as server model, firmware version, MAC addresses, IP addresses, etc. This script uses the slaxml...

How to configure console access on XenServer or Citrix Hypervisor

This article is for customers running Citrix Hypervisor or XenServer who want to configure serial console access to their XenServer hosts. In some support cases, serial console access to the XenServer host is required for debug purposes. The serial connection is to use with HyperTerminal or simil...

CVE-2015-5436

A potential security vulnerability has been identified with HP Integrated Lights-Out 4 iLO 4 firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service DoS. Note this was originally published in 2015 however the CVE ent...

Code injection

A potential security vulnerability has been identified with HP Integrated Lights-Out 4 iLO 4 firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service DoS. Note this was originally published in 2015 however the CVE ent...