Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ca vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-39669
In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about CA installation circumstances due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
Google Android 11.0
Google Android 12.0
7.8
CVSSv3
CVE-2021-28246
CA eHealth Performance Manager up to and including 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The...
Broadcom Ehealth
7.8
CVSSv3
CVE-2021-28250
CA eHealth Performance Manager up to and including 6.3.2.12 is affected by Privilege Escalation via a setuid (and/or setgid) file. When a component is run as an argument of the runpicEhealth executable, the script code will be executed as the ehealth user. NOTE: This vulnerabilit...
Ca Ehealth Performance Manager
7.8
CVSSv3
CVE-2020-28421
CA Unified Infrastructure Management 20.1 and previous versions contains a vulnerability in the robot (controller) component that allows local malicious users to elevate privileges.
Broadcom Unified Infrastructure Management
7.8
CVSSv3
CVE-2019-19544
CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local malicious users to elevate privileges. This vulnerability was reported to CA several years after CA Automic Dollar Universe 5.3.3 reached End of Life (EO...
Broadcom Ca Automic Dollar Universe 5.3.3
1 Github repository
7.8
CVSSv3
CVE-2019-19231
An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local malicious user to gain escalated privileges.
Broadcom Ca Client Automation 14.0
Broadcom Ca Client Automation 14.1
Broadcom Ca Client Automation 14.2
Broadcom Ca Client Automation 14.3
1 Github repository
7.8
CVSSv3
CVE-2017-10824
Untrusted search path vulnerability in TDB CA TypeA use software Version 5.2 and previous versions, distributed until 10 August 2017 allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Teikoku Databank Type A 5.2
7.8
CVSSv3
CVE-2016-9795
The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers ...
Broadcom Ca Workload Automation Ae 11.0
Broadcom Ca Workload Automation Ae 11.3
Broadcom Ca Workload Automation Ae 11.3.5
Broadcom Ca Workload Automation Ae 11.3.6
Broadcom Client Automation 12.8
Broadcom Client Automation 12.9
Broadcom Client Automation 14.0
Broadcom Systemedge 5.8.2
Broadcom Systemedge 5.9
Broadcom Systems Performance For Infrastructure Managers 12.8
Broadcom Systems Performance For Infrastructure Managers 12.9
Ca Universal Job Management Agent 11.2
Ca Virtual Assurance For Infrastructure Managers 12.8
Ca Virtual Assurance For Infrastructure Managers 12.9
1 Github repository
7.8
CVSSv3
CVE-2016-2422
Wi-Fi in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-04-01 does not prevent use of a Wi-Fi CA certificate in an unrelated CA role, which allows malicious users to gain privileges via a crafted application, as demonstrated by obtai...
Google Android 5.1.0
Google Android 4.2
Google Android 4.1
Google Android 6.0.1
Google Android 6.0
Google Android 4.0.2
Google Android 4.4.3
Google Android 4.0.4
Google Android 4.3
Google Android 4.0.1
Google Android 4.2.1
Google Android 5.0.1
Google Android 5.0
Google Android 4.0.3
Google Android 4.0
Google Android 4.4
Google Android 4.4.1
Google Android 4.2.2
Google Android 4.3.1
Google Android 4.4.2
Google Android 5.1
Google Android 4.1.2
7.5
CVSSv3
CVE-2023-1514
A vulnerability exists in the component RTU500 Scripting interface. When a client connects to a server using TLS, the server presents a certificate. This certificate links a public key to the identity of the service and is signed by a Certification Authority (CA), allowing the cl...
Hitachienergy Rtu500 Scripting Interface 1.0.2
Hitachienergy Rtu500 Scripting Interface 1.1.1
Hitachienergy Rtu500 Scripting Interface 1.0.1.30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »