Shodan
Vulnerabilities
Vulnerable Software
Hp:  >> System Management Homepage  >> 2.1.12-200  Security Vulnerabilities
CVE-2016-1996
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors.
CVSS Score
7.7
EPSS Score
0.005
Published
2016-03-18
CVE-2016-1995
HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.377
Published
2016-03-18
CVE-2016-1994
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.003
Published
2016-03-18
CVE-2016-1993
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVSS Score
8.1
EPSS Score
0.002
Published
2016-03-18
CVE-2015-8651
Known exploited
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.906
Published
2015-12-28
CVE-2015-2134
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
CVSS Score
6.0
EPSS Score
0.0
Published
2015-07-21
CVE-2015-3113
Known exploited
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
CVSS Score
9.8
EPSS Score
0.927
Published
2015-06-23
CVE-2015-3237
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
CVSS Score
6.4
EPSS Score
0.071
Published
2015-06-22
CVE-2015-4024
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
CVSS Score
5.0
EPSS Score
0.756
Published
2015-06-09
CVE-2015-3148
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
CVSS Score
5.0
EPSS Score
0.031
Published
2015-04-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved