Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
emm vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-5672
Kony Enterprise Mobile Management (EMM) prior to 4.2.5.2 has the vulnerability of disclosing the private key in clear-text when changing the parameters of the request.
Kony Enterprise Mobile Management
NA
CVE-2014-8487
Kony Management (aka Enterprise Mobile Management or EMM) 1.2 and previous versions allows remote authenticated users to read (1) arbitrary messages via the messageId parameter to selfservice/managedevice/getMessageBody or (2) requests via the requestId parameter to selfservice/d...
Kony Enterprise Mobile Management
NA
CVE-2012-4587
McAfee Enterprise Mobility Manager (EMM) Agent prior to 4.8 and Server prior to 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easier for remote malicious users to discover user passwords by spoofing the EMM ...
Mcafee Enterprise Mobility Manager
Mcafee Enterprise Mobility Manager Agent
NA
CVE-2012-4588
McAfee Enterprise Mobility Manager (EMM) Agent prior to 4.8 and Server prior to 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an administrator may wish to unlock, which allows remote malicious users to cause a deni...
Mcafee Enterprise Mobility Manager
Mcafee Enterprise Mobility Manager Agent
9.8
CVSSv3
CVE-2022-20210
The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives from the EMM, the modem parses it and fills in internal objects based on the received data. A bug in the parsing code could be used by an malicious user to remotely crash the modem, ...
Google Android -
1 Article
5.5
CVSSv3
CVE-2023-37605
Weak Exception Handling vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an malicious user to cause a denial of service via a crafted request to the password parameter.
Baramundi Enterprise Mobility Management
NA
CVE-2012-4591
About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 discloses the name of the user account for an IIS worker process, which allows remote malicious users to obtain potentially sensitive information by visiting this page.
Mcafee Enterprise Mobility Manager 4.7
Mcafee Enterprise Mobility Manager
NA
CVE-2012-4589
Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Mcafee Enterprise Mobility Manager 4.7
Mcafee Enterprise Mobility Manager
NA
CVE-2012-4590
Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 might allow remote malicious users to inject arbitrary web script or HTML via the (1) User Agent or (2) Connection variable.
Mcafee Enterprise Mobility Manager 4.7
Mcafee Enterprise Mobility Manager
7.5
CVSSv3
CVE-2021-40148
In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00716585; Issue ID: ALPS05886...
Mediatek L9
Mediatek Lr11 -
Mediatek Lr12 -
Mediatek Lr12a -
Mediatek Lr13 -
Mediatek Nr15 -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »