Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
service manager vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-38491
An issue exists in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Part of the application does not implement protection against brute-force attacks. Version 2022.1.133.0 corrects this issue.
Easyvista Service Manager 2022.1.109.0.03
Easyvista Service Manager 2020.2.125.3
8.8
CVSSv3
CVE-2022-38492
An issue exists in EasyVista 2020.2.125.3 and 2022.1.109.0.03. One parameter allows SQL injection. Version 2022.1.110.1.02 fixes the vulnerability.
Easyvista Service Manager 2022.1.109.0.03
Easyvista Service Manager 2020.2.125.3
5.4
CVSSv3
CVE-2020-9517
There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks.
Microfocus Service Manager 9.50
Microfocus Service Manager 9.60
1 Github repository
NA
CVE-2015-6417
Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and previous versions does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via (1) the GUI or (2) a crafted HTTP request, aka Bug ID CS...
Cisco Videoscape Distribution Suite Service Manager 3.4.0
Cisco Videoscape Distribution Suite Service Manager 3.2.0
Cisco Videoscape Distribution Suite Service Manager 3.0.0
Cisco Videoscape Distribution Suite Service Manager 3.1.0
Cisco Videoscape Distribution Suite Service Manager 3.3.0
NA
CVE-2012-3251
Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 7.11, 9.21, and 9.30, and HP Service Center Web Tier 6.28, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Hp Service Manager Web Tier 9.21
Hp Service Center Web Tier 6.28
Hp Service Manager Web Tier 7.11
Hp Service Manager Web Tier 9.30
8.8
CVSSv3
CVE-2021-20795
Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote malicious user to hijack the authentication of administrators and unintended operations may be performed via unspecified vectors.
Cybozu Remote Service Manager 3.1.8
Cybozu Remote Service Manager 3.1.9
5.4
CVSSv3
CVE-2021-20798
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated malicious user to inject an arbitrary script via unspecified vectors.
Cybozu Remote Service Manager 3.1.8
Cybozu Remote Service Manager 3.1.9
5.3
CVSSv3
CVE-2021-20802
HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote malicious user to alter the information stored in the product.
Cybozu Remote Service Manager 3.1.8
Cybozu Remote Service Manager 3.1.9
7.5
CVSSv3
CVE-2018-19634
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information.
Ca Service Desk Manager 14.1
Broadcom Service Desk Manager 17.0
9.8
CVSSv3
CVE-2018-19635
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.
Ca Service Desk Manager 14.1
Broadcom Service Desk Manager 17.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »