Filtered by vendor Hp
Subscriptions
Filtered by product System Management Homepage
Subscriptions
Total
78 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-7874 | 1 Hp | 2 Hp-ux, System Management Homepage | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2015-3145 | 8 Apple, Canonical, Debian and 5 more | 9 Mac Os X, Ubuntu Linux, Debian Linux and 6 more | 2025-04-12 | N/A |
| The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character. | ||||
| CVE-2015-4024 | 5 Apple, Hp, Oracle and 2 more | 13 Mac Os X, System Management Homepage, Linux and 10 more | 2025-04-12 | N/A |
| Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome. | ||||
| CVE-2015-3237 | 3 Haxx, Hp, Oracle | 5 Curl, Libcurl, System Management Homepage and 2 more | 2025-04-12 | N/A |
| The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values. | ||||
| CVE-2016-5387 | 8 Apache, Canonical, Debian and 5 more | 22 Http Server, Ubuntu Linux, Debian Linux and 19 more | 2025-04-12 | 8.1 High |
| The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability. | ||||
| CVE-2014-2640 | 1 Hp | 1 System Management Homepage | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-4846 | 1 Hp | 1 System Management Homepage | 2025-04-12 | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2010-3284 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2013-2356 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363. | ||||
| CVE-2013-2357 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360. | ||||
| CVE-2013-2358 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360. | ||||
| CVE-2009-4185 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter. | ||||
| CVE-2010-3009 | 2 Hp, Linux | 2 System Management Homepage, Linux Kernel | 2025-04-11 | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors. | ||||
| CVE-2010-3011 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | ||||
| CVE-2010-3012 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error. | ||||
| CVE-2012-0135 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors. | ||||
| CVE-2012-1993 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors. | ||||
| CVE-2012-2012 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2025-04-11 | N/A |
| HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | ||||
| CVE-2012-2013 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2025-04-11 | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors. | ||||
| CVE-2012-2014 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2025-04-11 | N/A |
| HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors. | ||||