Page 2 of 13 results (0.008 seconds)

CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en HP Network Node Manager i (NNMi) v8.x, v9.0x, v9.1x, y v9.20, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03405705 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en HP Network Node Manager i (NNMi) v8.x, v9.0x y v9.1x permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03343724 http://www.securitytracker.com/id?1027215 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 1%CPEs: 17EXPL: 0

wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564. wsf/common/DOMUtils.java en JBossWS Native en Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, y 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 y 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, y 5.1.0; JBoss Communications Platform 1.2.11 y 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; y JBoss Enterprise Web Platform 5.1.1, no manejan adecuadamente la recursividad durante la expansión de una entidad, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y CPU) a través de una petición manipulada que contiene un documento XML una declaración DOCTYPE y un gran número de referencias a entidades anidadas. Similar cuestión que el CVE-2003-1564. • http://source.jboss.org/changelog/JBossWS/?cs=13996 https://bugzilla.redhat.com/show_bug.cgi?id=692584 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03824583 https://access.redhat.com/security/cve/CVE-2011-1483 •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows local users to read or modify (1) log files or (2) other data via unknown vectors. Vulnerabilidad no especificada en HP Network Node Manager i (NNMi) v9.0x permite a usuarios locales leer o modificar (1) archivos de registro o (2) otros datos a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=130514065522575&w=2 http://securityreason.com/securityalert/8249 http://www.securitytracker.com/id?1025520 •

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows remote authenticated users to obtain access to processes via unknown vectors. Vulnerabilidad no especificada en HP Network Node Manager i (NNMi) 9.0x permite a usuarios remotos autenticados para obtener acceso a los procesos a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=132094759631216&w=2 http://secunia.com/advisories/44230 http://www.securitytracker.com/id?1025386 http://www.vupen.com/english/advisories/2011/1024 https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02788734 •