Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bigfix platform vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2016-0297
IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could allow a remote malicious user to obtain sensitive information due to a missing HTTP Strict-Transport-Security Header through man in the middle techniques.
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.1
Ibm Bigfix Platform 9.0
890
VMScore
CVE-2016-6082
IBM BigFix Platform could allow a remote malicious user to execute arbitrary code on the system, caused by a use-after-free race condition. An attacker could exploit this vulnerability to execute arbitrary code on the system.
Ibm Bigfix Platform 9.0
Ibm Bigfix Platform 9.1
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.2
294
VMScore
CVE-2016-6085
IBM BigFix Platform could allow an attacker on the local network to crash the BES and relay servers.
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.0
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.1
605
VMScore
CVE-2016-0396
IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected.
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.1
Ibm Bigfix Platform 9.0
694
VMScore
CVE-2017-1227
IBM Tivoli Endpoint Manager could allow a unauthorized user to consume all resources and crash the system. IBM X-Force ID: 123906.
Ibm Bigfix Platform 9.1
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.2
NA
CVE-2024-23553
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform exists due to missing a specific http header attribute.
Hcltech Bigfix Platform 11.0.0
Hcltech Bigfix Platform
NA
CVE-2023-37519
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. This XSS vulnerability is in the Download Status Report, which is served by the BigFix Server.
Hcltech Bigfix Platform
Hcltech Bigfix Platform 11.0.0
NA
CVE-2023-37520
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability identified in BigFix Server version 9.5.12.68, allowing for potential data exfiltration. This XSS vulnerability is in the Gather Status Report, which is served by the BigFix Relay.
Hcltech Bigfix Platform
Hcltech Bigfix Platform 11.0.0
NA
CVE-2023-37527
A reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an malicious user to execute malicious javascript code in the application session or in database, via remote injection, while rendering content in a web pag...
Hcltech Bigfix Platform 11.0.0
Hcltech Bigfix Platform
NA
CVE-2023-37528
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attack to exploit an application parameter during execution of the Save Report.
Hcltech Bigfix Platform 11.0.0
Hcltech Bigfix Platform
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »