Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint manager vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2012-0718
IBM Tivoli Endpoint Manager 8 does not set the HttpOnly flag on cookies.
Ibm Tivoli Endpoint Manager 8.0
9.3
CVSSv2
CVE-2014-6140
IBM Tivoli Endpoint Manager Mobile Device Management (MDM) prior to 9.0.60100 uses the same secret HMAC token across different customers' installations, which allows remote malicious users to execute arbitrary code via crafted marshalled Ruby objects in cookies to (1) Enroll...
Ibm Tivoli Endpoint Manager Mobile Device Management
4.3
CVSSv2
CVE-2014-4778
IBM License Metric Tool 9 prior to 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 prior to 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which allows remote malicious users to conduct clickjacking attacks via vectors invo...
Ibm Endpoint Manager Family 9.0.1
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.0.1
Ibm License Metric Tool 9.1.0.1
Ibm Endpoint Manager Family 9.1.0
6.8
CVSSv2
CVE-2014-4774
Cross-site request forgery (CSRF) vulnerability in the login page in IBM License Metric Tool 9 prior to 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 prior to 9.1.0.2 allows remote malicious users to hijack the authentication of arbitrary users via vectors involving a ...
Ibm License Metric Tool 9.0.1
Ibm Endpoint Manager Family 9.0.1
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.1.0.1
Ibm Endpoint Manager Family 9.1.0
6.8
CVSSv2
CVE-2013-0452
Cross-site request forgery (CSRF) vulnerability in the Software Use Analysis (SUA) application prior to 1.3.3 in IBM Tivoli Endpoint Manager 8.2 allows remote malicious users to hijack the authentication of arbitrary users via a web site that contains crafted Flash Action Message...
Ibm Tivoli Endpoint Manager 8.2
Ibm Software Use Analysis
6.8
CVSSv2
CVE-2011-0551
Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x up to and including 11.0.6300 allows remote malicious users to hijack the authentication of administrators for requests that cre...
Symantec Endpoint Protection 11.0.6200
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0.6300
7.5
CVSSv2
CVE-2010-0114
fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x prior to 11 RU6 MP2 allows remote malicious users to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code...
Symantec Endpoint Protection 11.0
Symantec Endpoint Protection 11.0.1
Symantec Endpoint Protection 11.0.4
Symantec Endpoint Protection 11.0.2
Symantec Endpoint Protection 11.0.3001
4.3
CVSSv2
CVE-2011-0550
Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x up to and including 11.0.6300 allow remote malicious users to inject arbitrary web script or HTML via (1) the token paramete...
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0.6300
Symantec Endpoint Protection 11.0.6200
10
CVSSv2
CVE-2011-1867
Stack-based buffer overflow in iNodeMngChecker.exe in the User Access Manager (UAM) 5.0 before SP1 E0101P03 and Endpoint Admission Defense (EAD) 5.0 before SP1 E0101P03 components in HP Intelligent Management Center (aka iNode Management Center) allows remote malicious users to e...
Hp Intelligent Management Center
Hp User Access Manager 5.0
Hp Endpoint Admission Defense 5.0
5.8
CVSSv2
CVE-2012-0294
Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 prior to 12.1 RU1-MP1 allows remote malicious users to delete files via unspecified vectors.
Symantec Endpoint Protection 12.1
Symantec Endpoint Protection 12.1.671
Symantec Endpoint Protection 12.1.1000
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »