CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7720 – HP Security Manager - Potential Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-7720
27 Aug 2024 — HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries. • https://support.hp.com/us-en/document/ish_11074404-11074432-16 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46356
https://notcve.org/view.php?id=CVE-2022-46356
27 Jan 2023 — Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. Se han identificado posibles vulnerabilidades en HP Security Manager que pueden permitir la escalada de privilegios, la ejecución de código arbitrario y la divulgación de información. • https://support.hp.com/us-en/document/ish_7334353-7334378-16 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46357
https://notcve.org/view.php?id=CVE-2022-46357
27 Jan 2023 — Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. Se han identificado posibles vulnerabilidades en HP Security Manager que pueden permitir la escalada de privilegios, la ejecución de código arbitrario y la divulgación de información. • https://support.hp.com/us-en/document/ish_7334353-7334378-16 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46358
https://notcve.org/view.php?id=CVE-2022-46358
27 Jan 2023 — Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. Se han identificado posibles vulnerabilidades en HP Security Manager que pueden permitir la escalada de privilegios, la ejecución de código arbitrario y la divulgación de información. • https://support.hp.com/us-en/document/ish_7334353-7334378-16 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46359
https://notcve.org/view.php?id=CVE-2022-46359
27 Jan 2023 — Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure. Se han identificado posibles vulnerabilidades en HP Security Manager que pueden permitir la escalada de privilegios, la ejecución de código arbitrario y la divulgación de información. • https://support.hp.com/us-en/document/ish_7334353-7334378-16 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 13%CPEs: 127EXPL: 0CVE-2018-5390 – Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service
https://notcve.org/view.php?id=CVE-2018-5390
06 Aug 2018 — Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. El kernel de Linux en versiones 4.9 y siguientes pueden forzarse a realizar llamadas muy caras a tcp_collapse_ofo_queue() y tcp_prune_ofo_queue() para cada paquete entrante, lo que puede conducir a una denegación de servicio. A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP pac... • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2745
https://notcve.org/view.php?id=CVE-2017-2745
23 Jan 2018 — Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1. The vulnerabilities could potentially be exploited to allow stored cross-site scripting which could allow a hacker to execute scripts in a user's browser. Se han identificado vulnerabilidades de seguridad potenciales con HP JetAdvantage Security Manager en versiones anteriores a la 3.0.1. La vulnerabilidad podría explotarse para permitir Cross-Site Scripting (XSS) persistente, que permitiría que un ha... • https://support.hp.com/us-en/document/c05639510 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2746
https://notcve.org/view.php?id=CVE-2017-2746
23 Jan 2018 — Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1. The vulnerabilities could potentially be exploited to allow stored cross-site scripting which could allow a hacker to create a denial of service. Se han identificado vulnerabilidades de seguridad potenciales con HP JetAdvantage Security Manager en versiones anteriores a la 3.0.1. Las vulnerabilidades podrían explotarse para permitir Cross-Site Scripting (XSS) persistente, que permitiría que un hacker ... • https://support.hp.com/us-en/document/c05639510 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 28EXPL: 0CVE-2017-14356
https://notcve.org/view.php?id=CVE-2017-14356
31 Oct 2017 — An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQL injection. Vulnerabilidad de inyección SQL en HP ArcSight ESM y HP ArcSight ESM Express, en cualquier versión 6.x anterior a la 6.9.1c Patch 4 o versión 6.11.0 Patch 1. Esta vulnerabilidad podría explotarse de forma remota para permitir una inyección SQL. • http://www.securityfocus.com/bid/101627 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 29EXPL: 0CVE-2017-14357
https://notcve.org/view.php?id=CVE-2017-14357
31 Oct 2017 — A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow Reflected and Stored Cross-Site Scripting (XSS) Vulnerabilidad de Cross-Site Scripting (XSS) persistente y reflejado en HP ArcSight ESM y HP ArcSight ESM Express, en cualquier versión 6.x anterior a la 6.9.1c Patch 4 o versión 6.11.0 Patch 1. Esta vulnerabilidad podría explotarse d... • https://softwaresupport.hpe.com/km/KM02996760 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •