Malicious code in @zalastax/nolb-_smh (npm)

The package @zalastax/nolb-smh was found to contain malicious code...

MAL-2025-43073 Malicious code in @zalastax/nolb-_smh (npm)

The package @zalastax/nolb-smh was found to contain malicious code...

CVE-2023-50271

A potential security vulnerability has been identified with HP-UX System Management Homepage SMH. This vulnerability could be exploited locally or remotely to disclose information...

Design/Logic Flaw

A potential security vulnerability has been identified with HP-UX System Management Homepage SMH. This vulnerability could be exploited locally or remotely to disclose information...

CVE-2023-50271

Technical details about CVE-2023-50271 are not publicly available in the provided connected documents; monitor for updates.

CVE-2023-50271 HP-UX System Management Homepage, Disclosure of Information

A potential security vulnerability has been identified with HP-UX System Management Homepage SMH. This vulnerability could be exploited locally or remotely to disclose information...

smh.com.au XSS vulnerability

Vulnerable URL:...

HP System Management Homepage < 7.5.4.3 AddCertsToTrustCfgList DoS

The version of HP System Management Homepage SMH hosted on the remote web server is prior to 7.5.4.3. It is, therefore, affected by a flaw in the AddCertsToTrustCfgList function within file modsmhconfig.so due to improper extraction of the common name in the subject when processing X.509...

HP System Management Homepage (SMH) AddXECert Remote DoS

The HP System Management Homepage SMH application running on the remote web server is affected by a denial of service vulnerability due to improper handling of the Common Name in a certificate uploaded via /proxy/AddXECert. An unauthenticated, remote attacker can exploit this, via a crafted...

HP System Management Homepage 7.3.x / 7.4.x < 7.5.0 Multiple Vulnerabilities (FREAK)

According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server is prior to 7.5.0. It is, therefore, affected by multiple vulnerabilities : - A flaw exists within the 'moddeflate' module when handling highly compressed bodies. A remote attack...

CVE-2015-2134

Cross-site request forgery CSRF vulnerability in HP System Management Homepage SMH before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors...

CVE-2015-2134

HP System Management Homepage (SMH) prior to version 7.5.0 is affected by a Cross-Site Request Forgery (CSRF) vulnerability that allows an authenticated remote user to hijack another user’s session and perform actions on behalf of the victim. The HP Security Bulletin HPSBMU03409 (rev.1) lists CVE...

[security bulletin] HPSBUX03139 SSRT101608 rev.1 - HP-UX running System Management Homepage &#40;SMH&#41;, Remote Cross-Site Request Forgery

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04476799 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04476799 Version: 1 HPSBUX03139...

HP System Management Homepage < 7.4 Multiple Vulnerabilities

According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server is affected by the following vulnerabilities : - A flaw exists within the included cURL that disables the 'CURLOPTSSLVERIFYHOST' check when the setting on 'CURLOPTSSLVERIFYPEER' ...

CVE-2014-2640

Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in HP System Management Homepage SMH before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors...

CVE-2014-2640

HP System Management Homepage (SMH) is affected by CVE-2014-2640, a cross-site scripting (XSS) vulnerability in SMH before version 7.4. The issue is tied to input handling of the RedirectUrl parameter in red2301.html, enabling remote attackers to inject arbitrary script via specially crafted link...

CVE-2014-2642

CVE-2014-2642 applies to HP System Management Homepage (SMH) prior to version 7.4, with a clickjacking vulnerability described in multiple sources (HP Security Bulletin HPSBMU03112 rev.1 and related CVE mappings). The connected documents confirm the affected product and the specific issue (clickj...

CVE-2014-2641

HP System Management Homepage (SMH) is affected by CVE-2014-2641: a CSRF vulnerability in SMH before version 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. The issue is documented across multiple feeds, with the vulnerability stemmin...

[security bulletin] HPSBST03027 rev.1 - HP StoreVirtual 4000 Storage and HP P4000 G2 Storage using HP System Management Homepage &#40;SMH&#41; running OpenSSL, Remote Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04273303 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04273303 Version: 1 HPSBST03027 rev....