Product:

System_management_homepage

(Hp)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 78
Date Id Summary Products Score Patch Annotated
2016-05-14 CVE-2016-2015 HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors. System_management_homepage 7.1
2016-03-18 CVE-2016-1996 HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors. System_management_homepage 7.7
2016-03-18 CVE-2016-1995 HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. System_management_homepage 9.8
2016-03-18 CVE-2016-1994 HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors. System_management_homepage 6.5
2016-03-18 CVE-2016-1993 HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. System_management_homepage 8.1
2015-06-22 CVE-2015-3237 The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values. Curl, Libcurl, System_management_homepage, Enterprise_manager_ops_center, Glassfish_server N/A
2015-04-24 CVE-2015-3148 cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request. Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Curl, Libcurl, System_management_homepage, Opensuse N/A
2015-04-24 CVE-2015-3145 The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character. Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Curl, Libcurl, System_management_homepage, Opensuse, Solaris N/A
2015-04-24 CVE-2015-3143 cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. Mac_os_x, Ubuntu_linux, Debian_linux, Curl, Libcurl, System_management_homepage N/A
2015-07-21 CVE-2015-2134 Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. System_management_homepage N/A