System Management Homepage@* Security Vulnerabilities and Issues — System Management Homepage@* CVE List

Lucene search

HpSystem Management Homepage*

8 matches found

CVE•added 2015/12/28 11:59 p.m.•974 views

CVE-2015-8651

Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code ...

9.3CVSS9.6AI score0.89783EPSS

CVE•added 2015/06/23 9:59 p.m.•920 views

CVE-2015-3113

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.

10CVSS8.2AI score0.92672EPSS

CVE•added 2015/06/09 6:59 p.m.•227 views

CVE-2015-4024

Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth ou...

5CVSS7.3AI score0.69918EPSS

CVE•added 2015/04/24 2:59 p.m.•129 views

CVE-2015-3143

cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.

5CVSS7.3AI score0.02575EPSS

CVE•added 2015/04/24 2:59 p.m.•124 views

CVE-2015-3148

cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.

5CVSS9.1AI score0.01442EPSS

CVE•added 2015/04/24 2:59 p.m.•103 views

CVE-2015-3145

The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote cha...

7.5CVSS9.4AI score0.65095EPSS

CVE•added 2015/06/22 7:59 p.m.•97 views

CVE-2015-3237

The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.

6.4CVSS8.1AI score0.02783EPSS

CVE•added 2015/07/21 7:59 p.m.•44 views

CVE-2015-2134

Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

6CVSS6.7AI score0.00076EPSS