Every CVE whose affected-product data names Hp Service Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (26)
CVE-2013-4808 — CVSS 10.0 (critical): Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31 and Service Center 6.2.8 allows remote attackers to obtain…
CVE-2014-2632 — CVSS 10.0 (critical): Unspecified vulnerability in the WebTier component in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to execute…
CVE-2016-1998 — CVSS 9.8 (critical): HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted…
CVE-2014-2634 — CVSS 9.4 (critical): Unspecified vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to bypass intended…
CVE-2008-4415 — CVSS 9.0 (critical): Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 allows remote authenticated users to execute arbitrary code via…
CVE-2011-1861 — CVSS 8.3 (high): Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data…
CVE-2011-1857 — CVSS 8.2 (high): Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote authenticated users to…
CVE-2016-4371 — CVSS 8.0 (high): HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive…
CVE-2011-1863 — CVSS 7.5 (high): HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allow remote authenticated users to conduct unspecified script…
CVE-2016-2025 — CVSS 7.5 (high): HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via…
CVE-2013-4830 — CVSS 7.5 (high): HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach.
CVE-2013-4844 — CVSS 7.5 (high): Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to…
CVE-2013-6202 — CVSS 6.8 (medium): Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to…
CVE-2014-2633 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers…
CVE-2013-4831 — CVSS 5.5 (medium): HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive…
CVE-2013-6197 — CVSS 5.2 (medium): Unspecified vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote authenticated…
CVE-2011-1859 — CVSS 5.0 (medium): Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to obtain…
CVE-2011-1860 — CVSS 5.0 (medium): Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to capture HTTP…
CVE-2013-2336 — CVSS 5.0 (medium): HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to obtain sensitive information via…
CVE-2011-1858 — CVSS 4.3 (medium): Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows local users to bypass intended…
CVE-2013-2337 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers…
CVE-2013-4833 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or…
CVE-2013-6198 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote…
CVE-2013-6222 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Mobility Web Client and Service Request Catalog (SRC) components in HP Service Manager (SM)…
CVE-2011-1862 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers…
CVE-2013-4832 — CVSS 4.0 (medium): HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors.