Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privileged access manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-35415
An improper input validation in NI System Configuration Manager prior to 22.5 may allow a privileged user to potentially enable escalation of privilege via local access.
Ni Configuration Manager
7.2
CVSSv2
CVE-2022-21392
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Policy Framework). Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP t...
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Manager Base Platform 13.5.0.0
1 Github repository
5.5
CVSSv2
CVE-2020-2982
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network acces...
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
4.3
CVSSv2
CVE-2015-4665
Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium Xsuite 2.4.4.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the fileName parameter.
Xceedium Xsuite 2.3.0
Xceedium Xsuite 2.4.3.0
1 EDB exploit
7.5
CVSSv2
CVE-2015-4667
Multiple hardcoded credentials in Xsuite 2.x.
Xceedium Xsuite 2.4.3.0
Xceedium Xsuite 2.3.0
1 EDB exploit
5.8
CVSSv2
CVE-2015-4668
Open redirect vulnerability in Xsuite 2.4.4.5 and previous versions allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter.
Xceedium Xsuite 2.3.0
Xceedium Xsuite 2.4.3.0
1 EDB exploit
5
CVSSv2
CVE-2015-4666
Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.4.4.5 and previous versions allows remote malicious users to read arbitrary files via a ....// (quadruple dot double slash) in the logFile parameter.
Xceedium Xsuite 2.3.0
Xceedium Xsuite 2.4.3.0
1 EDB exploit
7.2
CVSSv2
CVE-2015-4669
The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system.
Xceedium Xsuite 2.3.0
Xceedium Xsuite 2.4.3.0
1 EDB exploit
NA
CVE-2023-28051
Dell Power Manager, versions 3.10 and prior, contains an Improper Access Control vulnerability. A low-privileged attacker could potentially exploit this vulnerability to elevate privileges on the system.
Dell Power Manager
NA
CVE-2023-44282
Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. A local low-privileged attacker could potentially exploit this vulnerability, leading to gaining escalated privileges.
Dell Repository Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »