Hpe Security Vulnerabilities (CVEs)
Track 38 security vulnerabilities affecting Hpe products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
An information disclosure vulnerability in HPE Aruba Networking 5G Core server API error handling allows unauthenticated remote attackers to obtain se...
Feb 17, 2026This authentication bypass vulnerability in the application API allows remote attackers to create unauthorized administrative accounts. Attackers can ...
Feb 17, 2026This broken access control vulnerability allows authenticated low-privilege users to access sensitive information through the web management interface...
Nov 18, 2025This vulnerability allows authenticated read-only SSH users to bypass access controls and gain administrator privileges on affected network management...
Nov 18, 2025This CVE describes a platform-level denial-of-service vulnerability in ArubaOS-CX software where an attacker with administrative access can execute sp...
Nov 18, 2025A command injection vulnerability in AOS-CX Operating System allows authenticated remote attackers to execute arbitrary commands on affected systems. ...
Nov 18, 2025A command injection vulnerability in the AOS-CX Operating System allows authenticated remote attackers to execute arbitrary commands on affected syste...
Nov 18, 2025This vulnerability allows an authenticated remote attacker to hijack active user sessions in the AOS-CX OS web management interface, potentially leadi...
Nov 18, 2025This CVE describes an authentication bypass and information disclosure vulnerability in HPE AutoPass License Server (APLS) versions before 9.18. Attac...
Jul 16, 2025A critical remote code execution vulnerability exists in HPE Insight Remote Support (IRS) software due to improper control of code generation (CWE-94)...
Jul 1, 2025A path traversal vulnerability in HPE Insight Remote Support (IRS) allows attackers to access files outside the intended directory by manipulating fil...
Jul 1, 2025An unauthenticated denial-of-service vulnerability in HPE Insight Remote Support (IRS) allows attackers to crash the service without credentials. This...
Jul 1, 2025A directory traversal vulnerability in HPE StoreOnce Software allows attackers to access sensitive files outside the intended directory. This affects ...
Jun 2, 2025A command injection vulnerability in HPE StoreOnce Software allows remote attackers to execute arbitrary commands on affected systems. This affects or...
Jun 2, 2025A command injection vulnerability in HPE StoreOnce Software allows remote attackers to execute arbitrary commands on affected systems. This affects al...
Jun 2, 2025This vulnerability allows attackers to delete arbitrary files on HPE StoreOnce backup appliances through directory traversal techniques. It affects HP...
Jun 2, 2025A command injection vulnerability in HPE StoreOnce Software allows remote attackers to execute arbitrary commands on affected systems. This affects al...
Jun 2, 2025A directory traversal vulnerability in HPE Insight Remote Support allows attackers to access files outside intended directories, potentially leading t...
Nov 27, 2024An unauthenticated Java deserialization vulnerability in HPE Remote Insight Support allows remote attackers to execute arbitrary code on affected syst...
Nov 26, 2024An XML external entity injection vulnerability in HPE Insight Remote Support allows remote attackers to read arbitrary files from the server filesyste...
Nov 26, 2024CVE-2024-22441 is an authentication bypass vulnerability in HPE Cray Parallel Application Launch Service (PALS) that allows unauthenticated attackers ...
Jun 13, 2024This CVE describes an authentication bypass vulnerability in HPE iLO 5 and iLO 6 remote management controllers. Attackers could potentially gain unaut...
Dec 19, 2023CVE-2023-30912 is a remote code execution vulnerability in HPE OneView that allows attackers to execute arbitrary code on affected systems. This affec...
Oct 25, 2023CVE-2023-3718 is an authenticated command injection vulnerability in Aruba AOS-CX switches that allows attackers with CLI access to execute arbitrary ...
Aug 1, 2023This vulnerability affects HPE MC990 X and UV300 RMC components with inadequate default configurations, allowing attackers to escalate privileges on a...
Jun 16, 2023This CVE describes an authenticated remote code execution vulnerability in Aruba's AOS-CX Network Analytics Engine. Attackers with valid credentials c...
Mar 22, 2023CVE-2022-37936 is an unauthenticated Java deserialization vulnerability in HPE Serviceguard Manager that allows remote attackers to execute arbitrary ...
Mar 1, 2023CVE-2022-37938 is an unauthenticated server-side request forgery (SSRF) vulnerability in HPE Serviceguard Manager that allows attackers to make arbitr...
Mar 1, 2023This vulnerability allows remote attackers to execute SQL injection attacks against HPE IceWall SSO 10.0 certd component, potentially leading to unaut...
Jul 8, 2022This CVE describes a local privilege escalation vulnerability in the HPE Version Control Repository Manager installer. An attacker with local access c...
Jun 24, 2022This CVE describes a remote authentication bypass vulnerability in HPE Cray supercomputing systems that allows attackers to bypass authentication mech...
Jun 24, 2022This CVE-2022-28618 is a critical command injection vulnerability in HPE Nimble Storage arrays that allows attackers to execute arbitrary commands on ...
May 20, 2022This vulnerability allows attackers to intercept and modify network communications during software updates on HPE Nimble Storage arrays. This could en...
Apr 12, 2022A remote vulnerability in Aruba Instant On 1930 Switch Series allows attackers to execute arbitrary code or cause denial of service. This affects orga...
Apr 12, 2022An authenticated remote code execution vulnerability in Aruba AOS-CX Network Analytics Engine allows attackers with valid credentials to execute arbit...
Mar 2, 2022A local buffer overflow vulnerability in HPE FlexNetwork 5130 EL Switch Series allows attackers with local access to potentially execute arbitrary cod...
Feb 4, 2022This vulnerability allows remote attackers to bypass access restrictions in HPE Ezmeral Data Fabric's TEZ MapR ecosystem component. It affects systems...
Jan 18, 2022An unauthenticated remote code execution vulnerability in HPE storage array firmware allows attackers to execute arbitrary code with administrator pri...
Oct 11, 2021Why Monitor Hpe Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 38+ known vulnerabilities affecting Hpe products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Hpe packages in under 60 seconds. No agents required - completely agentless scanning that works across Hpe deployments.
Free vulnerability database: Access detailed information about every Hpe CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Hpe CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
