hp (hp) News Articles
Recent news articles refferecing the vendors vulnerabilities.
HackreadCVE-2025-37164CISA Urges Emergency Patching for Actively Exploited HPE OneView Flaw
If your office uses Hewlett Packard Enterprise (HPE) OneView to manage its servers and networking, you need to check your software version immediately. A major security flaw has been discovered that enables...
3 days ago
MalwarebytesCVE-2025-37164CISA warns of active attacks on HPE OneView and legacy PowerPoint
Two actively exploited flaws—one brand new, one 16 years old—have been added to CISA’s KEV catalog, signaling urgent patching.
6 days ago
Help Net SecurityCVE-2025-37164Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164) - Help Net Security
A RCE vulnerability (CVE-2025-37164) affecting certain versions of HPE OneView was added to CISA's Known Exploited Vulnerabilities catalog.
6 days ago
theregister.comCVE-2025-37164CISA flags exploited Office relic alongside fresh HPE flaw
CISA has added a pair of security holes to its actively exploited list, warning that attackers are now abusing a maximum-severity bug in HPE's OneView management software and a years-old flaw in Microsoft...
6 days ago
Security AffairsCVE-2025-37164U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog.
6 days ago
Security AffairsCVE-2025-37164U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog.
6 days ago
CISA tags max severity HPE OneView flaw as actively exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a maximum-severity HPE OneView vulnerability as actively exploited in attacks.
6 days ago
The Hacker NewsCVE-2025-37164CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited
CISA adds two vulnerabilities affecting Microsoft Office and HPE OneView to its KEV list, urging agencies to patch by January 28, 2026.
6 days ago
Critical HPE OneView Vulnerability Exploited in Attacks
CISA warns that CVE-2025-37164, a maximum-severity HPE OneView vulnerability leading to remote code execution, has been exploited in the wild.
1 week ago
Critical HPE OneView Vulnerability Exploited in Attacks
CISA warns that CVE-2025-37164, a maximum-severity HPE OneView vulnerability leading to remote code execution, has been exploited in the wild.
1 week ago
CybersecurityNewsCVE-2025-37164PoC Exploit Released HPE OneView Vulnerability that Enables Remote Code Execution
Researchers released a PoC exploit for a critical HPE OneView flaw that lets attackers run malicious code remotely without authentication.
3 weeks ago
gbhackers.comCVE-2025-37164HPE OneView RCE Vulnerability Exploited via Newly Released PoC
A critical security flaw in HPE OneView is currently at high risk of exploitation following the release of a technical analysis and Proof-of-Concept (PoC) code.
3 weeks ago
thestack.technologyCVE-2025-37164Critical HPE OneView bug triggers alarm bells
HPE has pushed an emergency hotfix for a critical CVSS 10 bug in its IT infrastructure management software OneView – allocated CVE-2025-37164.
4 weeks ago
HPE warns of maximum severity RCE flaw in OneView software
Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables attackers to execute arbitrary code remotely.
1 month ago
Red Hot CyberCVE-2025-37164HPE OneView Vulnerability CVE-2025-37164: Critical Security Update Required
HPE OneView critical vulnerability CVE-2025-37164 with CVSS score of 10.0. Learn more about the bug and how to update your system to prevent cyber attacks.
1 month ago
Cyber PressHPE Alerts to Aruba Hardcoded Credential Flaws Allowing Auth Bypass
The vulnerabilities, identified as CVE-2025-37103 and CVE-2025-37102, affect devices running software version 3.2.0.1 and below
DataconomyCVE-2025-37103A critical flaw found in popular HPE Aruba Wi-Fi devices
HPE has issued a warning regarding hardcoded credentials within Aruba Instant On Access Points, which could enable remote attackers to gain administrative
HPE warns of hardcoded passwords in Aruba access points
Hewlett-Packard Enterprise (HPE) is warning of hardcoded credentials in Aruba Instant On Access Points that allow attackers to bypass normal device authentication and access the web interface.
The Cyber ExpressCVE-2025-37093Critical CVE-2025-37093 Hits HPE StoreOnce Systems
HPE warns of critical CVE-2025-37093 in StoreOnce software. Vulnerability allows remote access. Patch to version 4.3.11 or later urged for all users.
The Hacker NewsCVE-2025-37093HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass
HPE patches 8 StoreOnce flaws, including CVE-2025-37093, risking RCE and auth bypass—users must update now
CybersecurityNewsCVE-2024-53676HPE Remote Support Tool Vulnerability Let Attackers Execute Arbitrary code - PoC Released
A newly disclosed vulnerability in Hewlett Packard Enterprise's (HPE) Insight Remote Support tool enables unauthenticated attackers to execute arbitrary code on vulnerable systems, with proof-of-concept (PoC) exploit code now publicly available.
Multiple HPE Aruba Network Vulnerabilities Allows Remote Arbitrary Code Execution
Hewlett Packard Enterprise (HPE) has confirmed multiple vulnerabilities in its Aruba Networking products that could allow remote arbitrary code execution.
prophaze.comCVE-2024-31471CVE-2024-31471 : ARUBA INSTANTOS/ARUBAOS CENTRAL COMMUNICATONS SERVICE COMMAND INJECTION - Cloud WAF
CVE-2024-31471 : There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211).