Page 9 of 70 results (0.015 seconds)

CVSS: 10.0EPSS: 37%CPEs: 3EXPL: 0

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676. Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios locales provocar una denegación de servicio a través de vectores desconocidos. Aka ZDI-CAN-1676. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP System Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the iprange parameter when passed to /proxy/DataValidation in an HTTP request. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 •

CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360. Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente provocar una denegación de servicio a través de vectores desconocidos. Vulnerabilidad distinta de CVE-2013-2357, CVE-2013-2359, y CVE-2013-2360. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores desconocidos. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217. HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos evitar las restricciones de acceso establecidas y obtener información sensible a través de vectores sin especificar. Vulnerabilidad distinta de CVE-2013-5217. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 3.5EPSS: 0%CPEs: 3EXPL: 0

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •