The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2022-37930 | A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays and HPE Nimble Storage Secondary Flash Arrays which could potentially allow local disclosure of sensitive information. | -- | Dec 14, 2022 | n/a |
| CVE-2022-37931 | A vulnerability in NetBatch-Plus software allows unauthorized access to the application. HPE has provided a workaround and fix. Please refer to HPE Security Bulletin HPESBNS04388 for details. | -- | Nov 22, 2022 | n/a |
| CVE-2022-37932 | A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions: Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22; | -- | Dec 15, 2022 | n/a |
| CVE-2022-37933 | A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be exploited to allow local unauthorized data injection. HPE has made the following software updates to resolve the vulnerability in HPE Superdome Flex firmware 3.60.50 and below and Superdome Flex 280 servers firmware 1.40.60 and below. | -- | Jan 5, 2023 | n/a |
| CVE-2022-37934 | A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series. The vulnerability could be remotely exploited to allow remote directory traversal in HPE OfficeConnect 1820 switch series version PT.02.17 and below, HPE OfficeConnect 1850 switch series version PC.01.23 and below, and HPE OfficeConnect 1850 (10G aggregator) switch version PO.01.22 and below. | -- | Jan 5, 2023 | n/a |
| CVE-2022-37935 | HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password. | -- | Mar 1, 2023 | n/a |
| CVE-2022-37936 | Unauthenticated Java deserialization vulnerability in Serviceguard Manager | -- | Mar 1, 2023 | n/a |
| CVE-2022-37937 | Pre-auth memory corruption in HPE Serviceguard | -- | Mar 1, 2023 | n/a |
| CVE-2022-37938 | Unauthenticated server side request forgery in HPE Serviceguard Manager | -- | Mar 1, 2023 | n/a |
| CVE-2022-37939 | A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be locally exploited to allow disclosure of information. HPE has made the following software to resolve the vulnerability in HPE Superdome Flex Servers v3.65.8 and Superdome Flex 280 Servers v1.45.8. | -- | Mar 11, 2023 | n/a |
| CVE-2022-37940 | Potential security vulnerabilities have been identified in the HPE FlexFabric 5700 Switch Series. These vulnerabilities could be remotely exploited to allow host header injection and URL redirection. HPE has made the following software to resolve the vulnerability in HPE FlexFabric 5700 Switch Series version R2432P61 or later. | -- | Mar 22, 2023 | n/a |
| CVE-2022-37941 | Not used in 2022 | -- | Mar 14, 2023 | n/a |
| CVE-2022-37942 | Not used in 2022 | -- | Mar 14, 2023 | n/a |
| CVE-2022-37943 | Not used in 2022 | -- | Mar 14, 2023 | n/a |
| CVE-2022-37944 | Not used in 2022 | -- | Mar 14, 2023 | n/a |
| CVE-2022-37945 | Not used in 2022 | -- | Mar 14, 2023 | n/a |
| CVE-2022-37946 | Not used in 2022 | -- | Mar 14, 2023 | n/a |
| CVE-2022-37947 | Not used in 2022 | -- | Mar 14, 2023 | n/a |
| CVE-2022-37948 | Not used in 2022 | -- | Mar 14, 2023 | n/a |
| CVE-2022-37949 | Not used in 2022 | -- | Mar 14, 2023 | n/a |
| CVE-2022-37950 | Not used in 2022 | -- | Mar 14, 2023 | n/a |
| CVE-2022-37951 | Not used in 2022 | -- | Mar 14, 2023 | n/a |
| CVE-2022-37952 | A reflected cross-site scripting (XSS) vulnerability exists in the iHistorian Data Display of WorkstationST (<v07.09.15) could allow an attacker to compromise a victim\'s browser. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater. | -- | Aug 25, 2022 | n/a |
| CVE-2022-37953 | An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (<v07.09.15) and could allow an attacker to compromise a victim\'s browser/session. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater. | -- | Aug 25, 2022 | n/a |
| CVE-2022-37954 | DirectX Graphics Kernel Elevation of Privilege Vulnerability. | -- | Sep 17, 2022 | n/a |
| CVE-2022-37955 | Windows Group Policy Elevation of Privilege Vulnerability. | -- | Sep 16, 2022 | n/a |
| CVE-2022-37956 | Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37957, CVE-2022-37964. | -- | Sep 16, 2022 | n/a |
| CVE-2022-37957 | Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37956, CVE-2022-37964. | -- | Sep 16, 2022 | n/a |
| CVE-2022-37958 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability. | -- | Sep 16, 2022 | n/a |
| CVE-2022-37959 | Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability. | -- | Sep 16, 2022 | n/a |
| CVE-2022-37961 | Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38008, CVE-2022-38009. | -- | Sep 16, 2022 | n/a |
| CVE-2022-37962 | Microsoft PowerPoint Remote Code Execution Vulnerability. | -- | Sep 16, 2022 | n/a |
| CVE-2022-37963 | Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38010. | -- | Sep 16, 2022 | n/a |
| CVE-2022-37964 | Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37956, CVE-2022-37957. | -- | Sep 16, 2022 | n/a |
| CVE-2022-37965 | Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. | -- | Oct 12, 2022 | n/a |
| CVE-2022-37966 | Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability | -- | Nov 10, 2022 | n/a |
| CVE-2022-37967 | Windows Kerberos Elevation of Privilege Vulnerability | -- | Nov 10, 2022 | n/a |
| CVE-2022-37968 | Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability. | -- | Oct 12, 2022 | n/a |
| CVE-2022-37969 | Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35803. | -- | Sep 16, 2022 | n/a |
| CVE-2022-37970 | Windows DWM Core Library Elevation of Privilege Vulnerability. | -- | Oct 12, 2022 | n/a |
| CVE-2022-37971 | Microsoft Windows Defender Elevation of Privilege Vulnerability. | -- | Oct 12, 2022 | n/a |
| CVE-2022-37972 | Microsoft Endpoint Configuration Manager Spoofing Vulnerability. | -- | Sep 22, 2022 | n/a |
| CVE-2022-37973 | Windows Local Session Manager (LSM) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-37998. | -- | Oct 12, 2022 | n/a |
| CVE-2022-37974 | Windows Mixed Reality Developer Tools Information Disclosure Vulnerability. | -- | Oct 12, 2022 | n/a |
| CVE-2022-37975 | Windows Group Policy Elevation of Privilege Vulnerability. | -- | Oct 12, 2022 | n/a |
| CVE-2022-37976 | Active Directory Certificate Services Elevation of Privilege Vulnerability. | -- | Oct 12, 2022 | n/a |
| CVE-2022-37977 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability. | -- | Oct 13, 2022 | n/a |
| CVE-2022-37978 | Windows Active Directory Certificate Services Security Feature Bypass. | -- | Oct 13, 2022 | n/a |
| CVE-2022-37979 | Windows Hyper-V Elevation of Privilege Vulnerability. | -- | Oct 13, 2022 | n/a |
| CVE-2022-37980 | Windows DHCP Client Elevation of Privilege Vulnerability. | -- | Oct 13, 2022 | n/a |
