Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2017-17675
BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an malicious user to hijack the system logs. This data can include user names and HTTP data.
Bmc Remedy Mid-tier 9.1
578
VMScore
CVE-2017-17677
BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.
Bmc Remedy Mid-tier 9.1
383
VMScore
CVE-2017-17678
BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS). A DOM-based cross-site scripting vulnerability exists in a legacy utility.
Bmc Remedy Mid-tier 9.1
435
VMScore
CVE-2013-4946
Multiple cross-site scripting (XSS) vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote malicious users to inject arbitrary web script or HTML via the (1) SelTab parameter to QV_admin.aspx, the (2) CallBack parameter to QV_grid.aspx, or the (3) HelpPage param...
Bmc Service Desk Express 10.2.1.95
1 EDB exploit
605
VMScore
CVE-2017-18223
BMC Remedy AR System prior to 9.1 SP3, when Remedy AR Authentication is enabled, allows malicious users to obtain administrative access.
Bmc Remedy Action Request System
312
VMScore
CVE-2017-18228
Remedy Mid Tier in BMC Remedy AR System 9.1 allows XSS via the ATTKey parameter in an arsys/servlet/AttachServlet request.
Bmc Remedy Action Request System
383
VMScore
CVE-2014-9514
Cross-site scripting (XSS) vulnerability in BMC Footprints Service Core 11.5.
Bmc Footprints Service Core 11.5
668
VMScore
CVE-2016-4322
BMC BladeLogic Server Automation (BSA) prior to 8.7 Patch 3 allows remote malicious users to bypass authentication and consequently read arbitrary files or possibly have unspecified other impact by leveraging a "logic flaw" in the authentication process.
Bmc Bladelogic Server Automation Console 8.7.00
187
VMScore
CVE-2005-3311
BMC Software Control-M 6.1.03 for Solaris, and possibly other platforms, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Bmc Software Control-m Agent 6.1.03
356
VMScore
CVE-2020-2127
Jenkins BMC Release Package and Deployment Plugin 1.1 and previous versions stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Jenkins Bmc Release Package And Deployment
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »