Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
management server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6336
Heap-based buffer overflow in the Mail Management Server (MAILMA.exe) in Eudora WorldMail 3.1.x allows remote malicious users to execute arbitrary code via a crafted request containing successive delimiters.
Eudora Worldmail Management Server 3.1
5.3
CVSSv3
CVE-2020-1455
A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. An attacker could exploit the vulnerability to trigger a denial of service. To exploit the vulnerability, an attacker would first require execution on the victim ...
Microsoft Sql Server Management Studio
9.8
CVSSv3
CVE-2022-38129
A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows an unauthenticated remote malicious user to upload arbitrary files to the SMS host.
Keysight Sensor Management Server 2.4.0
9.8
CVSSv3
CVE-2022-38130
The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an UNC path for the database ...
Keysight Sensor Management Server 2.4.0
4.6
CVSSv3
CVE-2023-35998
A missing authorization check in multiple SOAP endpoints of the Insider Threat Management Server enables an attacker on an adjacent network to read and write unauthorized objects. Successful exploitation requires an malicious user to first obtain a valid agent authentication toke...
Proofpoint Insider Threat Management Server
4.3
CVSSv3
CVE-2023-36002
A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions prior to 7.14.3 are affected.
Proofpoint Insider Threat Management Server
9.8
CVSSv3
CVE-2020-10655
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote malicious user to execute arbitrary code with local administ...
Proofpoint Insider Threat Management Server
9.8
CVSSv3
CVE-2020-10656
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote malicious user to execute arbitrary code with lo...
Proofpoint Insider Threat Management Server
9.8
CVSSv3
CVE-2023-48788
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2, FortiClientEMS 7.0.1 up to and including 7.0.10 allows malicious user to execute unauthorized code or commands via ...
Fortinet Forticlient Enterprise Management Server
6 Github repositories
4 Articles
7.3
CVSSv3
CVE-2021-40843
Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user trigg...
Proofpoint Insider Threat Management Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »