Latest CVE Feed
-
6.1
MEDIUMCVE-2021-29243
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS.... Read more
Affected Products : cloudera_manager- EPSS Score: %0.46
- Published: Nov. 08, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-29242
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.... Read more
Affected Products : gateway edge_gateway opc_server plchandler control_for_beaglebone_sl control_for_empc-a\/imx6_sl control_for_iot2000_sl control_for_linux_sl control_for_pfc100_sl control_for_pfc200_sl +12 more products- EPSS Score: %0.44
- Published: May. 03, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-29241
CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).... Read more
- EPSS Score: %0.56
- Published: May. 03, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-29240
The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not check the validity of packages before installation and may be used to install CODESYS packages with malicious content.... Read more
Affected Products : development_system- EPSS Score: %0.26
- Published: May. 04, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-29239
CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files embedded in libraries without first checking their validity.... Read more
Affected Products : development_system- EPSS Score: %0.07
- Published: May. 03, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-29238
CODESYS Automation Server before 1.16.0 allows cross-site request forgery (CSRF).... Read more
Affected Products : automation_server- EPSS Score: %0.17
- Published: May. 03, 2021
- Modified: Nov. 21, 2024
-
7.0
HIGHCVE-2021-29221
A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local attacker could hijack accounts of other users running Erlang programs or possibly coerce a se... Read more
- EPSS Score: %0.11
- Published: Apr. 09, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-29220
Multiple buffer overflow security vulnerabilities have been identified in HPE iLO Amplifier Pack version(s): Prior to 2.12. These vulnerabilities could be exploited by a highly privileged user to remotely execute code that could lead to a loss of confiden... Read more
Affected Products : ilo_amplifier_pack- EPSS Score: %0.27
- Published: Feb. 24, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-29219
A potential local buffer overflow vulnerability has been identified in HPE FlexNetwork 5130 EL Switch Series version: Prior to 5130_EI_7.10.R3507P02. HPE has made the following software update to resolve the vulnerability in HPE FlexNetwork 5130 EL Switch... Read more
Affected Products : flexnetwork_5130_jg932a_firmware flexnetwork_5130_jg933a_firmware flexnetwork_5130_jg934a_firmware flexnetwork_5130_jg936a_firmware flexnetwork_5130_jg937a_firmware flexnetwork_5130_jg940a_firmware flexnetwork_5130_jg941a_firmware flexnetwork_5130_jg932a flexnetwork_5130_jg933a flexnetwork_5130_jg934a +4 more products- EPSS Score: %0.06
- Published: Feb. 04, 2022
- Modified: Nov. 21, 2024
-
6.7
MEDIUMCVE-2021-29218
A local unquoted search path security vulnerability has been identified in HPE Agentless Management Service for Windows version(s): Prior to 1.44.0.0, 10.96.0.0. This vulnerability could be exploited locally by a user with high privileges to execute malwa... Read more
Affected Products : windows agentless_management proliant_agentless_management apollo_20 apollo_2000_gen_10_plus apollo_6500 apollo_6500_gen10_plus apollo_80 proliant_dl proliant_ml +4 more products- EPSS Score: %0.06
- Published: Feb. 04, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-29217
A remote URL redirection vulnerability was discovered in HPE OneView Global Dashboard version(s): Prior to 2.5. HPE has provided a software update to resolve this vulnerability in HPE OneView Global Dashboard.... Read more
Affected Products : oneview_global_dashboard- EPSS Score: %0.22
- Published: Feb. 24, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-29216
A remote cross-site scripting vulnerability was discovered in HPE OneView Global Dashboard version(s): Prior to 2.5. HPE has provided a software update to resolve this vulnerability in HPE OneView Global Dashboard.... Read more
Affected Products : oneview_global_dashboard- EPSS Score: %0.53
- Published: Feb. 24, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-29215
A potential security vulnerability in HPE Ezmeral Data Fabric that may allow a remote access restriction bypass in the TEZ MapR ecosystem component was discovered in version(s): Prior to Tez-0.8: mapr-tez-0.8.201907081100-1.noarch; prior to Tez-0.9: mapr-... Read more
- EPSS Score: %0.50
- Published: Jan. 18, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-29214
A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). An authenticated SSMC administrator could exploit the vulnerability to inject code and elevate their privilege in SSMC. The scope of this vulnerability is limited to ... Read more
Affected Products : storeserv_management_console- EPSS Score: %0.38
- Published: Dec. 10, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-29213
A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally... Read more
- EPSS Score: %0.04
- Published: Nov. 01, 2021
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2021-29212
A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code lead... Read more
Affected Products : ilo_amplifier_pack- EPSS Score: %15.48
- Published: Nov. 01, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-29211
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity... Read more
Affected Products : integrated_lights-out_4 integrated_lights-out_5 proliant_dl120_gen10_server proliant_dl160_gen10_server proliant_dl180_gen10_server proliant_dl360_gen10_server proliant_dl380_gen10_server proliant_dl385_gen10_server proliant_dl560_gen10_server proliant_dl580_gen10_server +19 more products- EPSS Score: %0.11
- Published: May. 25, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-29210
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen... Read more
Affected Products : integrated_lights-out_4 integrated_lights-out_5 proliant_dl120_gen10_server proliant_dl160_gen10_server proliant_dl180_gen10_server proliant_dl360_gen10_server proliant_dl380_gen10_server proliant_dl385_gen10_server proliant_dl560_gen10_server proliant_dl580_gen10_server +19 more products- EPSS Score: %0.18
- Published: May. 25, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-29209
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen... Read more
Affected Products : integrated_lights-out_4 integrated_lights-out_5 proliant_dl120_gen10_server proliant_dl160_gen10_server proliant_dl180_gen10_server proliant_dl360_gen10_server proliant_dl380_gen10_server proliant_dl385_gen10_server proliant_dl560_gen10_server proliant_dl580_gen10_server +19 more products- EPSS Score: %0.18
- Published: May. 25, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-29208
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen... Read more
Affected Products : integrated_lights-out_4 integrated_lights-out_5 proliant_dl120_gen10_server proliant_dl160_gen10_server proliant_dl180_gen10_server proliant_dl360_gen10_server proliant_dl380_gen10_server proliant_dl385_gen10_server proliant_dl560_gen10_server proliant_dl580_gen10_server +19 more products- EPSS Score: %0.18
- Published: May. 25, 2021
- Modified: Nov. 21, 2024