Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
operations manager vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-9944
A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticated remote malicious user to perform administrative operations over the network...
Siemens 7kt Pac1200 Data Manager Firmware
9.8
CVSSv3
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a negative input value.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
9.8
CVSSv3
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
9.8
CVSSv3
CVE-2015-7705
The rate limiting feature in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77 allows remote malicious users to have unspecified impact via a large number of crafted requests.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Citrix Xenserver 7.0
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
9.8
CVSSv3
CVE-2016-5062
The web server in Aternity prior to 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote malicious users to execute arbitrary Java code by registering MBeans.
Aternity Aternity
9.8
CVSSv3
CVE-2016-0897
Pivotal Cloud Foundry (PCF) Ops Manager prior to 1.6.17 and 1.7.x prior to 1.7.8, when vCloud or vSphere is used, does not properly enable SSH access for operators, which has unspecified impact and remote attack vectors.
Pivotal Software Operations Manager 1.7.1
Pivotal Software Operations Manager 1.7.3
Pivotal Software Operations Manager 1.7.5
Pivotal Software Operations Manager 1.7.6
Pivotal Software Operations Manager 1.7.7
Pivotal Software Operations Manager
Pivotal Software Operations Manager 1.7.0
Pivotal Software Operations Manager 1.7.2
Pivotal Software Operations Manager 1.7.4
9.8
CVSSv3
CVE-2016-0883
Pivotal Cloud Foundry (PCF) Ops Manager prior to 1.5.14 and 1.6.x prior to 1.6.9 uses the same cookie-encryption key across different customers' installations, which allows remote malicious users to bypass session authentication by leveraging knowledge of this key from anoth...
Pivotal Software Operations Manager
Pivotal Software Operations Manager 1.6.1
Pivotal Software Operations Manager 1.6.6
Pivotal Software Operations Manager 1.6.8
Pivotal Software Operations Manager 1.6.2
Pivotal Software Operations Manager 1.6.3
Pivotal Software Operations Manager 1.6.4
Pivotal Software Operations Manager 1.6.5
Pivotal Software Operations Manager 1.6.0
Pivotal Software Operations Manager 1.6.7
9.8
CVSSv3
CVE-2016-0930
Pivotal Cloud Foundry (PCF) Ops Manager prior to 1.6.19 and 1.7.x prior to 1.7.10, when vCloud or vSphere is used, has a default password for compilation VMs, which allows remote malicious users to obtain SSH access by connecting within an installation-time period during which th...
Pivotal Operations Manager 1.7.6
Pivotal Operations Manager 1.7.5
Pivotal Operations Manager
Pivotal Operations Manager 1.7.9
Pivotal Operations Manager 1.7.2
Pivotal Operations Manager 1.7.1
Pivotal Operations Manager 1.7.4
Pivotal Operations Manager 1.7.3
Pivotal Operations Manager 1.7.8
Pivotal Operations Manager 1.7.7
Pivotal Operations Manager 1.7.0
9.8
CVSSv3
CVE-2016-4373
The AdminUI in HPE Operations Manager (OM) prior to 9.21.130 on Linux, Unix, and Solaris allows remote malicious users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Hp Operations Manager 9.20.0
Hp Operations Manager
9.6
CVSSv3
CVE-2024-23476
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
Solarwinds Access Rights Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »