Vulmon
pivotal software vulnerabilities and exploits
4.6
CVSSv2
CVE-2020-5419
RabbitMQ versions 3.8.x before 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binar...
Pivotal Software Rabbitmq
Vmware Rabbitmq
4.3
CVSSv2
CVE-2019-3794
Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can perform clickjacking attacks on UAA's frontend sites.
Pivotal Software Cloud Foundry Uaa
4.3
CVSSv2
CVE-2019-3787
Cloud Foundry UAA, versions before 73.0.0, falls back to appending “unknown.org” to a user's email address when one is not provided and the user name does not contain an @ character. This domain is held by a private company, which leads to attack vectors includin...
Pivotal Software Cloud Foundry Uaa-release
4.3
CVSSv2
CVE-2018-11087
Pivotal Spring AMQP, 1.x versions before 1.7.10 and 2.x versions before 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.
Pivotal Software Spring Advanced Message Queuing Protocol
Pivotal Software Rabbitmq
4.3
CVSSv2
CVE-2016-0715
Pivotal Cloud Foundry Elastic Runtime version 1.4.0 up to and including 1.4.5, 1.5.0 up to and including 1.5.11 and 1.6.0 up to and including 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part...
Pivotal Software Cloud Foundry Elastic Runtime
4.3
CVSSv2
CVE-2018-11045
Pivotal Operations Manager, versions 2.1 before 2.1.6 and 2.0 before 2.0.15 and 1.12 before 1.12.22, contains a static Linux Random Number Generator (LRNG) seed file embedded in the appliance image. An attacker with knowledge of the exact version and IaaS of a running OpsManager ...
Pivotal Software Operations Manager
4.3
CVSSv2
CVE-2018-1278
Apps Manager included in Pivotal Application Service, versions 1.12.x before 1.12.22, 2.0.x before 2.0.13, and 2.1.x before 2.1.4 contains an authorization enforcement vulnerability. A member of any org is able to create invitations to any org for which the org GUID can be discov...
Pivotal Software Pivotal Application Service
4.3
CVSSv2
CVE-2018-1229
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been...
Pivotal Software Spring Batch Admin
4.3
CVSSv2
CVE-2018-1200
Apps Manager for PCF (Pivotal Application Service 1.11.x prior to 1.11.26, 1.12.x prior to 1.12.14, and 2.0.x prior to 2.0.5) allows unprivileged remote file read in its container via specially-crafted links.
Pivotal Software Pivotal Application Service
4.3
CVSSv2
CVE-2017-4965
An issue exists in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions before 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions before 1.6.18, and 1.7.x versions before 1.7.15. Several forms in the RabbitMQ mana...
Pivotal Software Rabbitmq 3.6.4
Pivotal Software Rabbitmq 3.6.0
Pivotal Software Rabbitmq 3.5.4
Pivotal Software Rabbitmq 3.5.5
Pivotal Software Rabbitmq 3.6.1
Pivotal Software Rabbitmq 3.6.3
Pivotal Software Rabbitmq 3.6.6
Pivotal Software Rabbitmq 3.6.5
Pivotal Software Rabbitmq 3.5.7
Pivotal Software Rabbitmq 3.6.2
Vmware Rabbitmq 3.5.3
Vmware Rabbitmq 3.5.6
Vmware Rabbitmq 3.4.3
Vmware Rabbitmq 3.5.0
Vmware Rabbitmq 3.5.2
Vmware Rabbitmq 3.4.0
Vmware Rabbitmq 3.4.1
Vmware Rabbitmq 3.4.2
Vmware Rabbitmq 3.4.4
Vmware Rabbitmq 3.5.1
Vmware Rabbitmq 3.6.7
Pivotal Software Rabbitmq 1.6.0