2.1.3

DATE	CVE	VULNERABILITY TITLE	RISK
2014-10-19	CVE-2014-7874	Cross-Site Request Forgery (CSRF) vulnerability in HP Hp-Ux and System Management Homepage Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. network hp CWE-352	6.8
2014-10-02	CVE-2014-2642	Improper Input Validation vulnerability in HP System Management Homepage HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors. network hp CWE-20	4.3
2014-10-02	CVE-2014-2641	Cross-Site Request Forgery (CSRF) vulnerability in HP System Management Homepage Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. network hp CWE-352	6.0
2014-10-02	CVE-2014-2640	Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network hp CWE-79	4.3
2014-03-14	CVE-2013-4846	Information Disclosure vulnerability in HP System Management Homepage Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors. network low complexity hp	5.0
2013-09-23	CVE-2013-4821	Remote Denial of Service vulnerability in HP System Management Homepage Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors. network low complexity hp	4.0
2013-07-22	CVE-2013-2364	Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. network hp CWE-79	3.5
2013-07-22	CVE-2013-2363	Information Disclosure vulnerability in HP System Management Homepage HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356. network low complexity hp	5.0
2013-07-22	CVE-2013-2362	Local Denial of Service vulnerability in HP System Management Homepage Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676. local low complexity hp	2.1
2013-07-22	CVE-2013-2361	Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network hp CWE-79	4.3