Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-34257
An issue exists in BMC Patrol up to and including 23.1.00. The agent's configuration can be remotely modified (and, by default, authentication is not required). Some configuration fields related to SNMP (e.g., masterAgentName or masterAgentStartLine) result in code execution...
Bmc Patrol Agent
NA
CVE-2013-4783
The Dell iDRAC6 with firmware 1.x prior to 1.92 and 2.x and 3.x prior to 3.42, and iDRAC7 with firmware prior to 1.23.23, allows remote malicious users to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password...
Dell Idrac6 Bmc
9.8
CVSSv3
CVE-2019-8352
By default, BMC PATROL Agent up to and including 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials ...
Bmc Patrol Agent
1 EDB exploit
NA
CVE-1999-0801
BMC Patrol allows remote malicious users to gain access to an agent by spoofing frames.
Bmc Patrol Agent 3.2.3
NA
CVE-1999-0443
Patrol management software allows a remote malicious user to conduct a replay attack to steal the administrator password.
Bmc Patrol Agent 3.2.3
NA
CVE-1999-0921
BMC Patrol allows any remote malicious user to flood its UDP port, causing a denial of service.
Bmc Patrol Agent 3.2.5
NA
CVE-2014-2591
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.
Bmc Patrol Agent 3.9.00
6.5
CVSSv3
CVE-2019-11216
BMC Smart Reporting 7.3 20180418 allows authenticated XXE within the import functionality. One can import a malicious XML file and perform XXE attacks to download local files from the server, or do DoS attacks with XML expansion attacks. XXE with direct response and XXE OOB are a...
Bmc Remedy Smart Reporting
7.8
CVSSv3
CVE-2019-17043
An issue exists in BMC Patrol Agent 9.0.10i. Weak execution permissions on the best1collect.exe SUID binary could allow an malicious user to elevate his/her privileges to the ones of the "patrol" user by specially crafting a shared library .so file that will be loaded d...
Bmc Patrol Agent 9.0.10i
1 Github repository
NA
CVE-2014-4873
SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data.
Bmc Track-it\\! 11.3.0.355
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »