Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ca vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3011
BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote malicious users to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors.
Ca Arcserve D2d R15
1 EDB exploit
NA
CVE-2014-5866
The CA DMV (aka gov.ca.dmv) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Dmv.ca.gov Ca Dmv 2.0
8.8
CVSSv3
CVE-2021-28249
CA eHealth Performance Manager up to and including 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the ...
Ca Ehealth Performance Manager
7.8
CVSSv3
CVE-2021-28250
CA eHealth Performance Manager up to and including 6.3.2.12 is affected by Privilege Escalation via a setuid (and/or setgid) file. When a component is run as an argument of the runpicEhealth executable, the script code will be executed as the ehealth user. NOTE: This vulnerabilit...
Ca Ehealth Performance Manager
5.4
CVSSv3
CVE-2021-28247
CA eHealth Performance Manager up to and including 6.3.2.12 is affected by Cross Site Scripting (XSS). The impact is: An authenticated remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and perform a Reflected Cross-Site...
Ca Ehealth Performance Manager
5.4
CVSSv3
CVE-2017-9394
A stored cross-site scripting vulnerability in CA Identity Governance 12.6 allows remote authenticated malicious users to display HTML or execute script in the context of another user.
Ca Identity Governance 12.6.0
NA
CVE-2009-4149
Cross-site scripting (XSS) vulnerability in the web interface in CA Service Desk 12.1 allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter.
Ca Service Desk 12.1
9.8
CVSSv3
CVE-2019-19518
CA Automic Sysload 5.6.0 up to and including 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote malicious users to execute arbitrary commands.
Broadcom Ca Automic Sysload
NA
CVE-2000-0781
uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved.
Ca Arcserve Backup 6.63 Linux
NA
CVE-2009-1761
The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote malicious users to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that trigg...
Ca Arcserve Backup R12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »