Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bigfix platform vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2016-6082
IBM BigFix Platform could allow a remote malicious user to execute arbitrary code on the system, caused by a use-after-free race condition. An attacker could exploit this vulnerability to execute arbitrary code on the system.
Ibm Bigfix Platform 9.0
Ibm Bigfix Platform 9.1
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.2
9.9
CVSSv3
CVE-2019-4013
IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.
Ibm Bigfix Platform
1 EDB exploit
9.8
CVSSv3
CVE-2021-27762
Misconfigured security-related HTTP headers: Several security-related headers were missing or mis-configured on the web responses
Hcltech Bigfix Platform
9.8
CVSSv3
CVE-2018-1475
IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 140756.
Ibm Bigfix Platform
9.8
CVSSv3
CVE-2017-1221
IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have strong passwords by default, which makes it easier for malicious users to compromise user accounts. IBM X-Force ID: 123861.
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.5
8.8
CVSSv3
CVE-2023-37536
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote malicious users to cause out-of-bound access via HTTP request.
Hcltech Bigfix Platform
Apache Xerces-c\\+\\+ 3.2.3
Fedoraproject Fedora 37
8.8
CVSSv3
CVE-2018-1479
IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 140761.
Ibm Bigfix Platform
8.8
CVSSv3
CVE-2016-0295
Cross-site request forgery (CSRF) vulnerability in the IBM BigFix Platform 9.0, 9.1, 9.2, and 9.5 prior to 9.5.2 allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111363.
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform
Ibm Bigfix Platform 9.1
Ibm Bigfix Platform 9.0
8.8
CVSSv3
CVE-2016-0291
IBM BigFix Platform 9.0, 9.1 prior to 9.1.8, and 9.2 prior to 9.2.8 allow remote authenticated users to execute arbitrary commands by leveraging report server access. IBM X-Force ID: 111302.
Ibm Bigfix Platform 9.0
Ibm Bigfix Platform
8.8
CVSSv3
CVE-2017-1218
IBM Tivoli Endpoint Manager is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 123858.
Ibm Bigfix Platform 9.2.6
Ibm Bigfix Platform 9.2.7
Ibm Bigfix Platform 9.5.6
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »