Page 10 of 63 results (0.005 seconds)

CVSS: 10.0EPSS: 37%CPEs: 3EXPL: 0

CVE-2013-2362 – Hewlett-Packard System Management iprange Parameter Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2013-2362

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676. Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios locales provocar una denegación de servicio a través de vectores desconocidos. Aka ZDI-CAN-1676. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP System Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the iprange parameter when passed to /proxy/DataValidation in an HTTP request. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

CVE-2013-2363

https://notcve.org/view.php?id=CVE-2013-2363

HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356. HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos obtener información sensible a través de vectores no especificados. Vulnerabilidad distinta de CVE-2013-2356. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 •

CVSS: 3.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2013-2364

https://notcve.org/view.php?id=CVE-2013-2364

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.9EPSS: 0%CPEs: 77EXPL: 0

CVE-2012-2016

https://notcve.org/view.php?id=CVE-2012-2016

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors. Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anteriores a 7.1.1 permite a usuarios locales obtener información confidencial a través de vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 •

CVSS: 10.0EPSS: 0%CPEs: 77EXPL: 0

CVE-2012-2012

https://notcve.org/view.php?id=CVE-2012-2012

HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. HP System Management Homepage (SMH) anteriores a 7.1.1 no tiene un atributo para desactivar la funcionalidad de auto-completar en campos de formulario sin especificar, lo que facilita a atacantes remotos obtener información utilizando un equipo desatendido. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 •