NotCVE - vendor:"Hp" product:"System Management Homepage" version:"2.1.9"

Page 4 of 67 results (0.026 seconds)

CVSS: 9.8EPSS: 0%CPEs: 155EXPL: 0

CVE-2015-3143 – curl: re-using authenticated connection when unauthenticated

https://notcve.org/view.php?id=CVE-2015-3143

22 Apr 2015 — cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. cURL y libcurl 7.10.6 hasta 7.41.0 no reutilizan correctamente las conexiones NTLM, lo que permite a atacantes remotos conectar como otros usuarios a través de una solicitud no autenticada, un problema similar a CVE-2014-0015. It was discovered that libcurl could incorrectly reuse NTLM-authenticated connect... • http://advisories.mageia.org/MGASA-2015-0179.html • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2014-7874 – HP Security Bulletin HPSBUX03139 SSRT101608

https://notcve.org/view.php?id=CVE-2014-7874

15 Oct 2014 — Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de CSRF en HP System Management Homepage (SMH) anterior a 3.2.3 en HP-UX B.11.23, y anterior a 3.2.8 en HP-UX B.11.31, permite a atacantes remotos secuestrar la autenticación de victimas no especificadas a través de vectores desconocidos. A potent... • http://secunia.com/advisories/60945 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 17%CPEs: 5EXPL: 0

CVE-2014-2640 – HP Security Bulletin HPSBMU03112

https://notcve.org/view.php?id=CVE-2014-2640

01 Oct 2014 — Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en HP System Management Homepage (SMH) anterior a 7.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) on Linux and Windows. The vulnerabilit... • http://www.kb.cert.org/vuls/id/125228 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2014-2641 – HP Security Bulletin HPSBMU03112

https://notcve.org/view.php?id=CVE-2014-2641

01 Oct 2014 — Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de CSRF en HP System Management Homepage (SMH) anterior a 7.4 permite a usuarios remotos autenticados secuestrar la autenticaciíon de victimas no especificadas a través de vectores desconocidos. Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) ... • http://www.securitytracker.com/id/1030960 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.5EPSS: 2%CPEs: 5EXPL: 0

CVE-2014-2642 – HP Security Bulletin HPSBMU03112

https://notcve.org/view.php?id=CVE-2014-2642

01 Oct 2014 — HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors. HP System Management Homepage (SMH) anterior a 7.4 permite a atacantes remotos realizar ataques de clickjacking a través de vectores no especificados. Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Cross-site Scripting (XSS), Cross-site Request Forger... • http://www.securitytracker.com/id/1030960 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 78EXPL: 0

CVE-2013-4846 – HP Security Bulletin HPSBMU02947

https://notcve.org/view.php?id=CVE-2013-4846

11 Mar 2014 — Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en HP System Management Homepage (SMH) anterior a 7.3 permite a atacantes remotos obtener información sensible a través de vectores desconocidos. Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulti... • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138 •

CVSS: 6.5EPSS: 0%CPEs: 76EXPL: 0

CVE-2013-4821 – HP Security Bulletin HPSBMU02900 3

https://notcve.org/view.php?id=CVE-2013-4821

19 Sep 2013 — Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP System Management Homepage (SMH) anteriores a 7.2.1 permite a usuarios autenticados remotamente causar denegación de servicio a través de vectores desconocidos. Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could... • http://www.kb.cert.org/vuls/id/895524 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2012-5217 – HP Security Bulletin HPSBMU02900 3

https://notcve.org/view.php?id=CVE-2012-5217

19 Jul 2013 — HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2355. HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos evitar las restricciones de acceso establecidas y obtener información sensible a través de vectores sin especificar. Vulnerabilidad distinta de CVE-2013-2355. Potential security vulnerabilities have been identified... • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2013-2360 – HP Security Bulletin HPSBMU02900

https://notcve.org/view.php?id=CVE-2013-2360

18 Jul 2013 — Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359. Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente provocar una denegación de servicio a través de vectores desconocidos. Vulnerabilidad distinta de CVE-2013-2357, CVE-2013-2358, y CVE-2013... • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2013-2355 – HP Security Bulletin HPSBMU02900

https://notcve.org/view.php?id=CVE-2013-2355

18 Jul 2013 — HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217. HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos evitar las restricciones de acceso establecidas y obtener información sensible a través de vectores sin especificar. Vulnerabilidad distinta de CVE-2013-5217. Potential security vulnerabilities have been identified... • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-264: Permissions, Privileges, and Access Controls •

1 2 3 4 5