Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asset manager vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-16545
Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote malicious user to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library (dll) assumed the identity of a temporary (tmp) file (isxdl....
Kzsoftware Training Manager
Kzsoftware Asset Manager
7.5
CVSSv3
CVE-2022-39296
MelisAssetManager provides deliveries of Melis Platform's assets located in every module's public folder. Attackers can read arbitrary files on affected versions of `melisplatform/melis-asset-manager`, leading to the disclosure of sensitive information. Conducting this ...
Melistechnology Melis-asset-manager
7.5
CVSSv3
CVE-2012-6685
Nokogiri prior to 1.5.4 is vulnerable to XXE attacks
Nokogiri Nokogiri
Redhat Cloudforms Management Engine 5.0
Redhat Enterprise Mrg 2.0
Redhat Openshift 2.0
Redhat Openstack 4.0
Redhat Openstack 6.0
Redhat Openstack Foreman -
Redhat Satellite 6.0
Redhat Subscription Asset Manager -
1 Article
7.5
CVSSv3
CVE-2015-2802
An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 up to and including 9.32, 9.40 up to and including 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user ...
Hp Asset Manager 9.30
Hp Asset Manager 9.31
Hp Asset Manager 9.32
Hp Asset Manager 9.40
Hp Asset Manager 9.41
Hp Asset Manager 9.50
Hp Asset Manager Cloudsystem Chargeback 9.40
Hp Sitescope
Hp Sitescope 11.30
7.2
CVSSv3
CVE-2019-19034
Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an malicious user to execute arbitrary commands on the AssetExplorer Server with N...
Zohocorp Manageengine Assetexplorer 6.5
6.5
CVSSv3
CVE-2022-22950
n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.
Vmware Spring Framework
5 Github repositories
6.5
CVSSv3
CVE-2020-4632
IBM InfoSphere Metadata Asset Manager 11.7 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to submit or control server requests. IBM X-Force ID: 185416.
Ibm Infosphere Metadata Asset Manager 11.7
6.5
CVSSv3
CVE-2014-0026
katello-headpin is vulnerable to CSRF in REST API
Redhat Subscription Asset Manager 1.0.0
6.5
CVSSv3
CVE-2013-6461
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
Nokogiri Nokogiri
Debian Debian Linux 10.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Redhat Openstack 4.0
Redhat Satellite 6.0
Redhat Subscription Asset Manager -
Redhat Openstack 3.0
Redhat Enterprise Mrg 2.0
Redhat Cloudforms Management Engine 5.0
6.5
CVSSv3
CVE-2013-6460
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
Nokogiri Nokogiri
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Cloudforms Management Engine 5.0
Redhat Enterprise Mrg 2.0
Redhat Openstack 3.0
Redhat Openstack 4.0
Redhat Satellite 6.0
Redhat Subscription Asset Manager -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »