243 matches found
HPESBHF05052 rev.1 - Certain HPE ProLiant DL/ML, Alletra, Synergy, and Edgeline Servers Using Certain Intel Processors, INTEL-SA-01413, UEFI Reference Firmware Advisory, Local Disclosure of Information Vulnerability
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Alletra 4110 - Prior to 2.8001-29-2026 HPE Alletra 4120 - Prior to 2.8001-29-2026 HPE Alletra 4140 - Prior to 2.8001-29-2026 HPE ProLiant DL110 Gen11 - Prior to...
synergy-security
No d...
@backstage/plugin-auth-backend (>=0.0.0-nightly-20240122021809 <=0.22.11), @backstage/plugin-auth-backend-module-aws-alb-provider (>=0.0.0-nightly-20240126021148 <=0.4.14-next.1) +7 more potentially affected by CVE-2026-32235 via @backstage/plugin-auth-backend (>=0.0.0-nightly-20240929023448 <=0.27.1-next.2)
@backstage/plugin-auth-backend NPM version =0.0.0-nightly-20240929023448, =0.0.0-nightly-20240122021809, =0.0.0-nightly-20240126021148, =0.0.0-nightly-20240122021809, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =1.0.0, =1.2.0 -...
HPESBHF05028 rev.1 - Certain HPE ProLiant DL/ML/XD/XL, Alletra, Apollo, Synergy, Microserver and Edgeline Servers Using Certain Intel Processor BIOS, INTEL-SA-01234, 2025.3 IPU, UEFI Reference Firmware Advisory, Multiple Vulnerabilities
Potential Security Impact: Local: Escalation of Privilege, Insecure Deserialization SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant Compute DL320 Gen12 - Prior to 1.4005-22-2025 - CVE-2025-20027, CVE-2025-22444, CVE-2025-22850 HPE ProLiant Compute DL340 Gen12 - Prior ...
HPESBHF05010 rev.1 - Certain HPE ProLiant DL/ML/XD, Synergy, Edgeline and Alletra Servers Using Certain Intel Processors, INTEL-SA-01314, 2025.4 IPU, Intel TDX Module Advisory, Local Escalation of Privilege Vulnerability
Potential Security Impact: Local: Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant Compute DL320 Gen12 - Prior to v1.5009-05-2025 HPE ProLiant Compute DL340 Gen12 - Prior to v1.5009-05-2025 HPE ProLiant Compute DL360 Gen12 - Prior to...
HPESBHF05008 rev.3 - Certain HPE ProLiant DL/ML/XD, Synergy, Edgeline, MicroServer, and Alletra Servers Using Certain Intel Processors, INTEL-SA-01396, 2026.1 IPU, Intel Processor Firmware Advisory, Local Escalation of Privilege Vulnerability
Potential Security Impact: Local: Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant Compute DL320 Gen12 - Prior to v1.6001-09-2026 HPE ProLiant Compute DL340 Gen12 - Prior to v1.6001-09-2026 HPE ProLiant Compute DL360 Gen12 - Prior to...
HPESBHF05007 rev.2 - Certain HPE ProLiant DL/ML/XD, Synergy, Edgeline, and Alletra Servers Using Certain Intel Processors, INTEL-SA-01397, 2026.1 IPU, Intel Trust Domain Extensions (Intel TDX) module Advisory, Multiple Vulnerabilities
Potential Security Impact: Local: Denial of Service DoS, Disclosure of Information, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant Compute DL320 Gen12 - Prior to v1.6001-09-2026 HPE ProLiant Compute DL340 Gen12 - Prior to v1.6001-09-2026 HPE...
CVE-2025-68898
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cjjparadoxmax Synergy Project Manager synergy-project-manager allows Stored XSS.This issue affects Synergy Project Manager: from n/a through = 1.5...
CVE-2025-68898
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cjjparadoxmax Synergy Project Manager synergy-project-manager allows Stored XSS.This issue affects Synergy Project Manager: from n/a through = 1.5...
CVE-2025-68898
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cjjparadoxmax Synergy Project Manager synergy-project-manager allows Stored XSS.This issue affects Synergy Project Manager: from n/a through = 1.5...
CVE-2025-68898
The CVE-2025-68898 issue is a Stored XSS in Synergy Project Manager (WordPress plugin) versions up to and including 1.5, caused by improper input handling during web page generation. Based on connected records, there is no published fix in the provided sources; patch/status shows as Unpatched. Af...
CVE-2025-68898 WordPress Synergy Project Manager plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cjjparadoxmax Synergy Project Manager synergy-project-manager allows Stored XSS.This issue affects Synergy Project Manager: from n/a through = 1.5...
CVE-2025-68898 WordPress Synergy Project Manager plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cjjparadoxmax Synergy Project Manager synergy-project-manager allows Stored XSS.This issue affects Synergy Project Manager: from n/a through = 1.5...
WordPress plugin Synergy Project Manager has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PT-2026-4100
Name of the Vulnerable Software and Affected Versions cjjparadoxmax Synergy Project Manager versions through 1.5 Description The Synergy Project Manager software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This...
WordPress Synergy Project Manager plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by mcdruid in WordPress Plugin Synergy Project Manager versions = 1.5...
CVE-2020-7800
The Synergy Systems & Solutions SSS HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has an Improper Check for Unusual or Exceptional Conditions CWE-754 vulnerability. The affected product is vulnerable to specially crafted TCP packets, which can cause the device to shut down or reboot a...
CVE-2020-7198
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to version 5.5 of OneView, Composer, or Composer2...
CVE-2020-7802
The Synergy Systems & Solutions SSS HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has an Incorrect Default Permissions CWE-276 vulnerability. The affected product is vulnerable to insufficient default permissions, which could allow an attacker to view network configurations through SN...
HPESB3P04984 rev.5 - HPE ProLiant DL/ML/XD Alletra and Synergy Servers Using Intel QuickAssist Technology Software Drivers, Multiple Vulnerabilities
Potential Security Impact: Local: Denial of Service DoS, Disclosure of Information, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant Compute XD230 - Prior to v2.6.0 - Intel QuickAssist Technology driver for Microsoft Windows HPE Alletra Storage...