Vulmon
asset manager vulnerabilities and exploits
4.3
CVSSv2
CVE-2019-17332
The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EB...
Tibco Ebx Add-ons
Tibco Ebx Add-ons 4.1.0
Tibco Ebx Add-ons 4.2.0
Tibco Ebx Add-ons 4.2.1
Tibco Ebx Add-ons 4.2.2
4.3
CVSSv2
CVE-2013-6460
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
Nokogiri Nokogiri
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Cloudforms Management Engine 5.0
Redhat Enterprise Mrg 2.0
Redhat Openstack 3.0
Redhat Openstack 4.0
Redhat Satellite 6.0
Redhat Subscription Asset Manager -
4.3
CVSSv2
CVE-2013-6461
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
Nokogiri Nokogiri
Debian Debian Linux 10.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Redhat Openstack 4.0
Redhat Satellite 6.0
Redhat Subscription Asset Manager -
Redhat Openstack 3.0
Redhat Enterprise Mrg 2.0
Redhat Cloudforms Management Engine 5.0
4.3
CVSSv2
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
98 Github repositories
4.3
CVSSv2
CVE-2014-0029
Multiple cross-site scripting (XSS) vulnerabilities in the SAM web application in Red Hat katello-headpin allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Redhat Subscription Asset Manager 1.0.0
4.3
CVSSv2
CVE-2015-0108
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 up to and including 7.1.1.8, and Maximo Asset Management 7.1 up to and including 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inje...
Ibm Maximo Asset Management 7.1.1.1
Ibm Maximo Asset Management 7.1.1.2
Ibm Maximo For Nuclear Power 7.1
Ibm Maximo For Transportation 7.1
Ibm Change And Configuration Management Database 7.1
Ibm Change And Configuration Management Database 7.2
Ibm Maximo Asset Management 7.1.1.7
Ibm Maximo Asset Management 7.1.1.8
Ibm Tivoli Service Request Manager 7.1
Ibm Tivoli Service Request Manager 7.2
Ibm Maximo Asset Management 7.1
Ibm Maximo Asset Management 7.1.1
Ibm Maximo Asset Management Essentials 7.1
Ibm Maximo For Government 7.1
Ibm Tivoli Asset Management For It 7.2
Ibm Tivoli Asset Management For It 7.1
Ibm Maximo Asset Management 7.1.1.5
Ibm Maximo Asset Management 7.1.1.6
Ibm Maximo For Oil And Gas 7.1
Ibm Maximo For Life Sciences 7.1
Ibm Maximo For Utilities 7.1
4.3
CVSSv2
CVE-2014-2586
Cross-site scripting (XSS) vulnerability in the login audit form in McAfee Cloud Single Sign On (SSO) allows remote malicious users to inject arbitrary web script or HTML via a crafted password.
Mcafee Cloud Single Sign On -
1 EDB exploit
4.3
CVSSv2
CVE-2013-3281
Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop prior to 6.7 SP2 P07, Documentum WDK prior to 6.7 SP2 P07, Documentum Taskspace prior to 6.7 SP2 P07, Documentum Records Manager prior to 6.7 SP2 P07, Documentum Web Publisher prior to 6.5 SP7, Documentum Digital A...
Emc Documentum Taskspace
Emc Documentum Taskspace 6.7
Emc Documentum Capital Projects
Emc Documentum Wdk 6.7
Emc Documentum Wdk
Emc Documentum Digital Asset Manager 6.5
Emc Documentum Digital Asset Manager
Emc Documentum Administrator 6.7
Emc Documentum Administrator
Emc Documentum Webtop
Emc Documentum Webtop 6.7
Emc Documentum Web Publisher
Emc Documentum Web Publisher 6.5
4.3
CVSSv2
CVE-2013-0184
Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x prior to 1.1.5, 1.2.x prior to 1.2.7, 1.3.x prior to 1.3.9, and 1.4.x prior to 1.4.4 allows remote malicious users to cause a denial of service via unknown vectors related to "symbolized arbitrary strings...
Rack Project Rack 1.1.2
Rack Project Rack 1.1.0
Rack Project Rack 1.1.4
Rack Project Rack 1.1.3
Rack Project Rack 1.2.6
Rack Project Rack 1.2.3
Rack Project Rack 1.2.0
Rack Project Rack 1.2.1
Rack Project Rack 1.2.4
Rack Project Rack 1.2.2
Rack Project Rack 1.3.1
Rack Project Rack 1.3.7
Rack Project Rack 1.3.8
Rack Project Rack 1.3.2
Rack Project Rack 1.3.5
Rack Project Rack 1.3.6
Rack Project Rack 1.3.0
Rack Project Rack 1.3.4
Rack Project Rack 1.3.3
Rack Project Rack 1.4.2
Rack Project Rack 1.4.3
Rack Project Rack 1.4.0
4.3
CVSSv2
CVE-2012-6109
lib/rack/multipart.rb in Rack prior to 1.1.4, 1.2.x prior to 1.2.6, 1.3.x prior to 1.3.7, and 1.4.x prior to 1.4.2 uses an incorrect regular expression, which allows remote malicious users to cause a denial of service (infinite loop) via a crafted Content-Disposition header.
Rack Project Rack 0.4
Rack Project Rack 1.1.2
Rack Project Rack 0.2
Rack Project Rack 0.1
Rack Project Rack 1.1.0
Rack Project Rack 0.9
Rack Project Rack 1.0.1
Rack Project Rack
Rack Project Rack 0.3
Rack Project Rack 0.9.1
Rack Project Rack 1.0.0
Rack Project Rack 1.2.3
Rack Project Rack 1.2.0
Rack Project Rack 1.2.1
Rack Project Rack 1.2.4
Rack Project Rack 1.2.2
Rack Project Rack 1.3.1
Rack Project Rack 1.3.2
Rack Project Rack 1.3.5
Rack Project Rack 1.3.6
Rack Project Rack 1.3.0
Rack Project Rack 1.3.4