Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bigfix inventory vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-27759
This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. An attacker can cause a victim's browser to emit an HTTP request to an arbitrary URL in the application.
Hcltech Bigfix Inventory
5.9
CVSSv3
CVE-2016-8962
IBM BigFix Inventory 9.2 does not require that users should have strong passwords by default, which makes it easier for malicious users to compromise user accounts. IBM X-Force ID: 118851.
Ibm Bigfix Inventory
6.5
CVSSv3
CVE-2021-27758
There is a security vulnerability in login form related to Cross-site Request Forgery which prevents user to login after attacker spam to login and system blocked victim's account.
Hcltech Bigfix Inventory
6.1
CVSSv3
CVE-2016-8961
IBM BigFix Inventory v9 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user t...
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory
5.5
CVSSv3
CVE-2016-8963
IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory
5.3
CVSSv3
CVE-2016-8977
IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
8.1
CVSSv3
CVE-2016-8980
IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
5.5
CVSSv3
CVE-2016-8981
IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
9.8
CVSSv3
CVE-2016-8964
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 118853.
Ibm License Metric Tool
Ibm Bigfix Inventory
5.9
CVSSv3
CVE-2016-8966
IBM BigFix Inventory v9 could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »