Note:
This project will be discontinued after December 13, 2021. [more]
Product:
System_management_homepage
(Hp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 78 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-10-28 | CVE-2016-4394 | HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue. | System_management_homepage | 6.5 | ||
| 2016-10-28 | CVE-2016-4393 | HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue. | System_management_homepage | 5.4 | ||
| 2016-05-14 | CVE-2016-2015 | HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors. | System_management_homepage | 7.1 | ||
| 2016-03-18 | CVE-2016-1996 | HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors. | System_management_homepage | 7.7 | ||
| 2016-03-18 | CVE-2016-1995 | HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. | System_management_homepage | 9.8 | ||
| 2016-03-18 | CVE-2016-1994 | HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors. | System_management_homepage | 6.5 | ||
| 2016-03-18 | CVE-2016-1993 | HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | System_management_homepage | 8.1 | ||
| 2015-06-22 | CVE-2015-3237 | The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values. | Curl, Libcurl, System_management_homepage, Enterprise_manager_ops_center, Glassfish_server | N/A | ||
| 2015-04-24 | CVE-2015-3148 | cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Curl, Libcurl, System_management_homepage, Opensuse | N/A | ||
| 2015-04-24 | CVE-2015-3145 | The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Curl, Libcurl, System_management_homepage, Opensuse, Solaris | N/A |