Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
key vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-4568
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, and 4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184157.
Ibm Security Key Lifecycle Manager 3.0
Ibm Security Key Lifecycle Manager 3.0.1
Ibm Security Key Lifecycle Manager 4.0
NA
CVE-2014-3079
The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) 8.1.4.x prior to 8.1.4.4 allows remote authenticated users to bypass authorization checks and visit unspecified URLs with license-usage data via a DESCRIBE clause in a SPARQL query.
Ibm Rational License Key Server 8.1.4
Ibm Rational License Key Server 8.1.4.2
Ibm Rational License Key Server 8.1.4.3
4.3
CVSSv3
CVE-2021-38985
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Ibm Security Guardium Key Lifecycle Manager
Ibm Security Guardium Key Lifecycle Manager 4.1.1
Ibm Security Key Lifecycle Manager
4.3
CVSSv3
CVE-2021-38972
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Ibm Security Guardium Key Lifecycle Manager
Ibm Security Guardium Key Lifecycle Manager 4.1.1
Ibm Security Key Lifecycle Manager
2.7
CVSSv3
CVE-2021-38973
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Ibm Security Guardium Key Lifecycle Manager
Ibm Security Guardium Key Lifecycle Manager 4.1.1
Ibm Security Key Lifecycle Manager
7.5
CVSSv3
CVE-2021-38984
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 212793.
Ibm Security Guardium Key Lifecycle Manager
Ibm Security Guardium Key Lifecycle Manager 4.1.1
Ibm Security Key Lifecycle Manager
5.3
CVSSv3
CVE-2020-8148
UniFi Cloud Key firmware < 1.1.6 contains a vulnerability that enables an attacker being able to change a device hostname by sending a malicious API request. This affects Cloud Key gen2 and Cloud Key gen2 Plus.
Ui Cloud Key Gen2
Ui Cloud Key Gen2 Plus
7.5
CVSSv3
CVE-2022-40735
The Diffie-Hellman Key Agreement Protocol allows use of long exponents that arguably make certain calculations unnecessarily expensive, because the 1996 van Oorschot and Wiener paper found that "(appropriately) short exponents" can be used when there are adequate subgro...
Diffie-hellman Key Exchange Project Diffie-hellman Key Exchange -
5.4
CVSSv3
CVE-2021-28382
Zoho ManageEngine Key Manager Plus prior to 6001 allows Stored XSS on the user-management page while importing malicious user details from AD.
Zohocorp Manageengine Key Manager Plus
Zohocorp Manageengine Key Manager Plus 6.0
5.3
CVSSv3
CVE-2020-4572
IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184179.
Ibm Security Key Lifecycle Manager 3.0.1
Ibm Security Key Lifecycle Manager 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »