VYPR

System Management Homepage

by Microfocus

CVEs (69)

  • CVE-2015-3148Apr 24, 2015
    risk 0.01cvss epss 0.18

    cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.

  • CVE-2015-3143Apr 24, 2015
    risk 0.01cvss epss 0.16

    cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.

  • CVE-2011-1541Apr 29, 2011
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.

  • CVE-2006-1023Mar 7, 2006
    risk 0.01cvss epss 0.07

    Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors.

  • CVE-2023-50271Dec 17, 2023
    risk 0.00cvss epss 0.01

    A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.

  • CVE-2015-2134Jul 21, 2015
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2014-7874Oct 19, 2014
    risk 0.00cvss epss 0.02

    Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2014-2642Oct 2, 2014
    risk 0.00cvss epss 0.02

    HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

  • CVE-2014-2641Oct 2, 2014
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2014-2640Oct 2, 2014
    risk 0.00cvss epss 0.04

    Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-6188Mar 14, 2014
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2013-4846Mar 14, 2014
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors.

  • CVE-2013-4821Sep 23, 2013
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors.

  • CVE-2013-2364Jul 22, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-2363Jul 22, 2013
    risk 0.00cvss epss 0.03

    HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356.

  • CVE-2013-2362Jul 22, 2013
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676.

  • CVE-2013-2361Jul 22, 2013
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-2360Jul 22, 2013
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359.

  • CVE-2013-2359Jul 22, 2013
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360.

  • CVE-2013-2358Jul 22, 2013
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360.