Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint manager vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-13052
In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin.
Cyberark Endpoint Privilege Manager -
4.8
CVSSv3
CVE-2018-8888
A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an malicious user to store script commands that could later be executed in the context of another Management Console administrator.
Blackberry Unified Endpoint Manager
NA
CVE-2014-6113
Cross-site scripting (XSS) vulnerability in the Web Reports component in IBM Tivoli Endpoint Manager 9.1 prior to 9.1.1229 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Tivoli Endpoint Manager
NA
CVE-2014-6137
Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page in IBM Tivoli Endpoint Manager 9.1 prior to 9.1.1229 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Tivoli Endpoint Manager
1 EDB exploit
NA
CVE-2015-6555
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP3 allows remote malicious users to execute arbitrary Java code by connecting to the console Java port.
Symantec Endpoint Protection Manager
6.1
CVSSv3
CVE-2017-17442
In BlackBerry UEM Management Console version 12.7.1 and previous versions, a reflected cross-site scripting vulnerability that could allow an malicious user to execute script commands in the context of the affected UEM Management Console account by crafting a malicious link and t...
Blackberry Unified Endpoint Manager
7.8
CVSSv3
CVE-2018-14894
CyberArk Endpoint Privilege Manager 10.2.1.603 and previous versions allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications.
Cyberark Endpoint Privilege Manager
1 EDB exploit
7.7
CVSSv3
CVE-2016-3647
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request.
Symantec Endpoint Protection Manager
8.8
CVSSv3
CVE-2016-3648
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering data into the authorization...
Symantec Endpoint Protection Manager
8
CVSSv3
CVE-2016-3651
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.
Symantec Endpoint Protection Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »