Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK

2011-04-29 CVE-2011-1543 Cross-Site Request Forgery (CSRF) vulnerability in HP Systems Insight Manager
Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
network | hp | CWE-352 | 4.3

2011-04-29 CVE-2011-1542 Cross-Site Scripting vulnerability in HP Systems Insight Manager
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network | hp | CWE-79 | 4.3

2011-04-29 CVE-2011-1541 Remote Unauthorized Access vulnerability in HP System Management Homepage (CVE-2011-1541)
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.
network | low complexity | hp | critical | 10.0

2011-04-29 CVE-2011-1540 Remote Code Execution vulnerability in HP System Management Homepage (CVE-2011-1540)
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors.
network | low complexity | hp | critical | 9.0

2011-04-29 CVE-2011-1536 Unspecified vulnerability in HP Performance Insight
Unspecified vulnerability in HP Performance Insight 5.0, 5.1x.
network | low complexity | hp | 5.0

2011-04-29 CVE-2011-1535 Privilege Escalation vulnerability in HP Insight Control for Linux (CVE-2011-1535)
Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
network | hp | 6.0

2011-04-29 CVE-2011-1499 Configuration vulnerability in multiple products
acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server.
network | high complexity | banu debian | CWE-16 | 2.6

2011-04-29 CVE-2011-0729 Permissions, Privileges, and Access Controls vulnerability in Ubuntu Language-Selector
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call.
local | low complexity | ubuntu | CWE-264 | 7.2

2011-04-28 CVE-2011-1839 Information Exposure vulnerability in IBM Rational Build Forge 7.1.0
IBM Rational Build Forge 7.1.0 uses the HTTP GET method during redirection from the authentication servlet to a PHP script, which makes it easier for context-dependent attackers to discover session IDs by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
network | low complexity | ibm | CWE-200 | 5.0

2011-04-27 CVE-2011-1725 Information Exposure vulnerability in HP Network Automation
Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to obtain sensitive information via unknown vectors.
network | low complexity | hp | CWE-200 | 5.0