HP Integrated Lights-Out Improper Input Validation (CVE-2022-28635)

A potential local arbitrary code execution and a local denial of service DoS vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to potentially execute arbitra...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28637)

A local Denial of Service DoS and local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28636)

A potential local arbitrary code execution and a local denial of service DoS vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to potentially execute arbitra...

HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2021-29206)

"A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504401; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13"; scriptcveid"CVE-2021-29206";...

HP Integrated Lights-Out Authentication Bypass Using an Alternate Path or Channel (CVE-2018-7113)

A security vulnerability in HPE Integrated Lights-Out 5 iLO 5 prior to v1.37 could be locally exploited to bypass the security restrictions for firmware updates. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28640)

A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability was discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated...

HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2019-11982)

A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 iLO 4 earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 iLO 5 for Gen10 Servers earlier than version v1.39. This plugin only works with Tenable.ot. Please visit...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28633)

A local disclosure of sensitive information and a local unauthorized data modification vulnerability were discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to read and write to the iLO 5 firmware file...

HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2018-7117)

A remote Cross-Site Scripting in HPE iLO 5 Web User Interface vulnerability was identified in HPE Integrated Lights-Out 5 iLO 5 for Gen10 ProLiant Servers earlier than version v1.40. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28632)

A potential arbitrary code execution and a denial of service DoS vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could exploit this vulnerability in an adjacent network to potentially execute...

HP Integrated Lights-Out Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2019-11983)

A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 iLO 4 earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 iLO 5 for Gen10 Servers earlier than version v1.39. This plugin only works with Tenable.ot. Please visit...

HP Integrated Lights-Out Improper Input Validation (CVE-2014-7876)

Unspecified vulnerability in HP Integrated Lights-Out iLO firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management CM firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors. This plugin only works with...

Malicious code in masolv-ilo-cvhu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 955f5b4fb3d2d201343905c3e29be778345e9ea8d0aa4737be61b839b42e9ada This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183843 Malicious code in masolv-ilo-cvhu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 955f5b4fb3d2d201343905c3e29be778345e9ea8d0aa4737be61b839b42e9ada This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183844 Malicious code in masolv-ilo-cvu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e85ed465c209fa476f5abc20247074bfd8d2293719aa659ce09358eb3c661af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183911 Malicious code in masv-ilo-cvsm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1c4753507136809e70d169b09afca830c2ea1136b7cfe11c4b1863dce2b6e64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183903 Malicious code in masv-ilo-cvaginnavuvhu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8edd46877154f91f5766c78f9252491faf027c0b0912ea44e2fc518fb1baf80c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183838 Malicious code in masolv-ilo-cvaginauvhu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 758489ddb1f9ea6629106c3984db9ca0b5ceac0475ca7f829c22c3b1043c822e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-183835 Malicious code in masolv-ilo-cvaginahu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bff28b98af7ac7a673d80d5a2d5ec49dd7051c1c277ec7a387cd668081d21cd1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in masv-ilo-civasum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c546ba4471e998c3243541bcb8c18e5c6859b2bdba80ea07741816bd5ad2e1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...