Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-6599
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and passwo...
Bmc Track-it\\!
Bmc Track-it\\! 11.4
1 EDB exploit
7.5
CVSSv2
CVE-2016-4322
BMC BladeLogic Server Automation (BSA) prior to 8.7 Patch 3 allows remote malicious users to bypass authentication and consequently read arbitrary files or possibly have unspecified other impact by leveraging a "logic flaw" in the authentication process.
Bmc Bladelogic Server Automation Console 8.7.00
7.5
CVSSv2
CVE-2014-4872
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote malicious users to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or ...
Bmc Track-it\\! 11.3.0.355
2 EDB exploits
1 Github repository
7.5
CVSSv2
CVE-2013-4945
Multiple SQL injection vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote malicious users to execute arbitrary SQL commands via the (1) ASPSESSIONIDASSRATTQ, (2) TABLE_WIDGET_1, (3) TABLE_WIDGET_2, (4) browserDateTimeInfo, or (5) browserNumberInfo cookie par...
Bmc Service Desk Express 10.2.1.95
1 EDB exploit
7.5
CVSSv2
CVE-2007-1972
PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote malicious users to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNM...
Bmc Performance Manager
7.5
CVSSv2
CVE-2007-2136
Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote malicious users to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed.
Bmc Patrol Perform Agent
7.5
CVSSv2
CVE-1999-1355
BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and previous versions, or Management Agents for Servers 4.40 and previous versions, creates a PFCUser account with a default password and potentially dangerous privileges.
Compaq Insight Management Agent
Compaq Management Agents For Servers
7.2
CVSSv2
CVE-2021-26576
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so uploadsshkey function.
Hpe Baseboard Management Controller
7.2
CVSSv2
CVE-2021-26577
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so uploadsshkey function.
Hpe Baseboard Management Controller
7.2
CVSSv2
CVE-2021-26573
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgeneratesslcfg function.
Hpe Baseboard Management Controller
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »