Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bigfix inventory vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-27758
There is a security vulnerability in login form related to Cross-site Request Forgery which prevents user to login after attacker spam to login and system blocked victim's account.
Hcltech Bigfix Inventory
6.5
CVSSv3
CVE-2021-27759
This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. An attacker can cause a victim's browser to emit an HTTP request to an arbitrary URL in the application.
Hcltech Bigfix Inventory
5.9
CVSSv3
CVE-2016-8962
IBM BigFix Inventory 9.2 does not require that users should have strong passwords by default, which makes it easier for malicious users to compromise user accounts. IBM X-Force ID: 118851.
Ibm Bigfix Inventory
6.1
CVSSv3
CVE-2016-8961
IBM BigFix Inventory v9 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user t...
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory
5.5
CVSSv3
CVE-2016-8963
IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory
5.3
CVSSv3
CVE-2016-8977
IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
5.5
CVSSv3
CVE-2016-8981
IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
9.8
CVSSv3
CVE-2016-8964
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 118853.
Ibm License Metric Tool
Ibm Bigfix Inventory
5.9
CVSSv3
CVE-2016-8966
IBM BigFix Inventory v9 could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
5.5
CVSSv3
CVE-2016-8967
IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »