Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ca vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-8471
CA Cloud Service Management (CSM) before Summer 2014 allows remote malicious users to conduct replay attacks via unspecified vectors.
Ca Cloud Service Management
6.8
CVSSv2
CVE-2014-8472
CA Cloud Service Management (CSM) before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote malicious users to bypass intended access restrictions via unspecified vectors.
Ca Cloud Service Management
6.8
CVSSv2
CVE-2014-8473
Cross-site request forgery (CSRF) vulnerability in CA Cloud Service Management (CSM) before Summer 2014 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Ca Cloud Service Management
5.4
CVSSv2
CVE-2014-5866
The CA DMV (aka gov.ca.dmv) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Dmv.ca.gov Ca Dmv 2.0
7.5
CVSSv2
CVE-2014-8474
CA Cloud Service Management (CSM) before Summer 2014 allows remote malicious users to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjuncti...
Ca Cloud Service Management
5
CVSSv2
CVE-2016-9164
Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and previous versions and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote malicious users to read arbitrary ...
Ca Unified Infrastructure Management
1 Article
7.5
CVSSv2
CVE-2019-19518
CA Automic Sysload 5.6.0 up to and including 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote malicious users to execute arbitrary commands.
Broadcom Ca Automic Sysload
7.2
CVSSv2
CVE-2000-0781
uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved.
Ca Arcserve Backup 6.63 Linux
3.5
CVSSv2
CVE-2017-9394
A stored cross-site scripting vulnerability in CA Identity Governance 12.6 allows remote authenticated malicious users to display HTML or execute script in the context of another user.
Ca Identity Governance 12.6.0
7.2
CVSSv2
CVE-2021-28249
CA eHealth Performance Manager up to and including 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the ...
Ca Ehealth Performance Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »