Hp: >> System Management Homepage >> 7.5.5.6 Security Vulnerabilities
A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
CVSS Score
5.6
EPSS Score
0.001
Published
2018-02-15
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
CVSS Score
9.8
EPSS Score
0.052
Published
2016-05-22
CVE-2015-8651
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.
Known exploited
CVSS Score
8.8
EPSS Score
0.898
Published
2015-12-28
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en.
CVSS Score
9.0
EPSS Score
0.463
Published
2013-06-14
Page 2