Note:
This project will be discontinued after December 13, 2021. [more]
Product:
System_management_homepage
(Hp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 78 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-05-14 | CVE-2016-2015 | HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors. | System_management_homepage | 7.1 | ||
| 2016-03-18 | CVE-2016-1996 | HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors. | System_management_homepage | 7.7 | ||
| 2016-03-18 | CVE-2016-1995 | HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. | System_management_homepage | 9.8 | ||
| 2016-03-18 | CVE-2016-1994 | HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors. | System_management_homepage | 6.5 | ||
| 2016-03-18 | CVE-2016-1993 | HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | System_management_homepage | 8.1 | ||
| 2015-06-22 | CVE-2015-3237 | The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values. | Curl, Libcurl, System_management_homepage, Enterprise_manager_ops_center, Glassfish_server | N/A | ||
| 2015-04-24 | CVE-2015-3148 | cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Curl, Libcurl, System_management_homepage, Opensuse | N/A | ||
| 2015-04-24 | CVE-2015-3145 | The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Curl, Libcurl, System_management_homepage, Opensuse, Solaris | N/A | ||
| 2015-04-24 | CVE-2015-3143 | cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. | Mac_os_x, Ubuntu_linux, Debian_linux, Curl, Libcurl, System_management_homepage | N/A | ||
| 2015-07-21 | CVE-2015-2134 | Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | System_management_homepage | N/A |