Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subscription-manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-41415
Subscription-Manager v1.0 /main.js has a cross-site scripting (XSS) vulnerability in the machineDetail parameter.
Subscription-manager Project Subscription-manager 1.0
4.6
CVSSv2
CVE-2017-2663
It was found that subscription-manager's DBus interface prior to 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local attacker could use these methods to gain access to private information, or ...
Redhat Subscription-manager
6.4
CVSSv2
CVE-2011-5136
showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote malicious users to overwrite arbitrary files via the db parameter.
Epractizelabs Subscription Manager 1.0
6.8
CVSSv2
CVE-2007-0402
Cross-site scripting (XSS) vulnerability in admin/edit_member.php in Easebay Resources Paypal Subscription Manager allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
Easebay Resources Paypal Subscription Manager
7.5
CVSSv2
CVE-2007-0403
SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote malicious users to execute arbitrary SQL commands via the keyword parameter.
Easebay Resources Paypal Subscription Manager
6.8
CVSSv2
CVE-2006-3961
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted ma...
Mcafee Internet Security Suite 2005
Mcafee Internet Security Suite 2006
Mcafee Quickclean 2004
Mcafee Quickclean 2005
Mcafee Spamkiller 6.0
Mcafee Spamkiller 7.0
Mcafee Virusscan 2004
Mcafee Personal Firewall Plus 2004
Mcafee Personal Firewall Plus 2005
Mcafee Quickclean 2006
Mcafee Security Center 4.3
Mcafee Antispyware 2005
Mcafee Personal Firewall Plus 2006
Mcafee Privacy Service 2004
Mcafee Security Center 6.0
Mcafee Security Center 6.0.22
Mcafee Wireless Home Network Security 2006
Mcafee Virusscan 2005
Mcafee Virusscan 2006
Mcafee Antispyware 2006
Mcafee Internet Security Suite 2004
Mcafee Privacy Service 2005
1 EDB exploit
NA
CVE-2023-3899
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.re...
Redhat Subscription-manager
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6
Redhat Enterprise Linux For Ibm Z Systems Eus 8.6
NA
CVE-2022-0851
There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the proce...
Convert2rhel Project Convert2rhel -
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
NA
CVE-2021-3585
A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager.
Openstack Tripleo Heat Templates
10
CVSSv2
CVE-2007-2584
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter prior to 6.0.25 and 7.x prior to 7.2.147 allows remote malicious users to execute arbitrary code via a crafted argument.
Mcafee Security Center 6.0
Mcafee Security Center 6.0.22
Mcafee Virusscan 2005
Mcafee Security Center 7.0
Mcafee Security Center 7.1
Mcafee Security Center 7.2
Mcafee Securitycenter Agent 6.0
Mcafee Security Center 4.3
Mcafee Virusscan 10.0.27
Mcafee Virusscan 2004
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »