Shodan
Vulnerabilities
Vulnerable Software
Hp:  >> System Management Homepage  >> 7.5.3.1  Security Vulnerabilities
CVE-2016-1996
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors.
CVSS Score
7.7
EPSS Score
0.001
Published
2016-03-18
CVE-2016-1995
HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.164
Published
2016-03-18
CVE-2016-1994
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.003
Published
2016-03-18
CVE-2016-1993
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVSS Score
8.1
EPSS Score
0.003
Published
2016-03-18
CVE-2015-8651
Known exploited
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.898
Published
2015-12-28
CVE-2015-3237
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
CVSS Score
6.4
EPSS Score
0.025
Published
2015-06-22
CVE-2015-4024
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
CVSS Score
5.0
EPSS Score
0.679
Published
2015-06-09
CVE-2015-3148
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
CVSS Score
5.0
EPSS Score
0.014
Published
2015-04-24
CVE-2015-3145
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
CVSS Score
7.5
EPSS Score
0.651
Published
2015-04-24
CVE-2015-3143
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
CVSS Score
5.0
EPSS Score
0.018
Published
2015-04-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved