Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
management server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-48788
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2, FortiClientEMS 7.0.1 up to and including 7.0.10 allows malicious user to execute unauthorized code or commands via ...
Fortinet Forticlient Enterprise Management Server
6 Github repositories
4 Articles
9.8
CVSSv3
CVE-2021-24019
An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and below, 6.2.8 and below may allow an malicious user to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via o...
Fortinet Forticlient Endpoint Management Server
7.3
CVSSv3
CVE-2021-40843
Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user trigg...
Proofpoint Insider Threat Management Server
5.4
CVSSv3
CVE-2020-15940
An improper neutralization of input vulnerability [CWE-79] in FortiClientEMS versions 6.4.1 and below and 6.2.9 and below may allow a remote authenticated malicious user to inject malicious script/tags via the name parameter of various sections of the server.
Fortinet Forticlient Enterprise Management Server
5.4
CVSSv3
CVE-2020-15941
A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated malicious user to inject directory traversal character sequences to add/delete the files of the server via the name parameter of Deployment Packages.
Fortinet Forticlient Endpoint Management Server
7.2
CVSSv3
CVE-2023-45581
An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2 and prior to 7.0.10 allows an Site administrator with Super Admin privileges to perform global administrative operations affecting other sites via crafted H...
Fortinet Forticlient Enterprise Management Server
5.3
CVSSv3
CVE-2021-44172
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 up to and including 7.0.4, 7.0.6 up to and including 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated malicious user to gain i...
Fortinet Forticlient Endpoint Management Server
9.8
CVSSv3
CVE-2024-23616
A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.
Broadcom Symantec Server Management Suite
5.3
CVSSv3
CVE-2020-1455
A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. An attacker could exploit the vulnerability to trigger a denial of service. To exploit the vulnerability, an attacker would first require execution on the victim ...
Microsoft Sql Server Management Studio
NA
CVE-2002-0719
SQL injection vulnerability in the function that services for Microsoft Content Management Server (MCMS) 2001 allows remote malicious users to execute arbitrary commands via an MCMS resource request for image files or other files.
Microsoft Content Management Server 2001
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »