Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
management server vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-10657
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute...
Proofpoint Insider Threat Management Server
7.5
CVSSv2
CVE-2020-10658
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote malicious user to execute arbitrary code with local administrator ...
Proofpoint Insider Threat Management Server
NA
CVE-2021-44172
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 up to and including 7.0.4, 7.0.6 up to and including 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated malicious user to gain i...
Fortinet Forticlient Endpoint Management Server
NA
CVE-2023-48788
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2, FortiClientEMS 7.0.1 up to and including 7.0.10 allows malicious user to execute unauthorized code or commands via ...
Fortinet Forticlient Enterprise Management Server
6 Github repositories
4 Articles
NA
CVE-2022-38129
A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows an unauthenticated remote malicious user to upload arbitrary files to the SMS host.
Keysight Sensor Management Server 2.4.0
NA
CVE-2022-38130
The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an UNC path for the database ...
Keysight Sensor Management Server 2.4.0
6.9
CVSSv2
CVE-2021-40843
Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user trigg...
Proofpoint Insider Threat Management Server
NA
CVE-2023-45581
An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0 up to and including 7.2.2 and prior to 7.0.10 allows an Site administrator with Super Admin privileges to perform global administrative operations affecting other sites via crafted H...
Fortinet Forticlient Enterprise Management Server
NA
CVE-2023-36002
A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions prior to 7.14.3 are affected.
Proofpoint Insider Threat Management Server
2.1
CVSSv2
CVE-2020-1455
A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. An attacker could exploit the vulnerability to trigger a denial of service. To exploit the vulnerability, an attacker would first require execution on the victim ...
Microsoft Sql Server Management Studio
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »