Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5982
Format string vulnerability in BMC PATROL Agent prior to 3.7.30 allows remote malicious users to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message.
Bmc Patrol Agent 3.4.00
Bmc Patrol Agent 3.3.00
Bmc Patrol Agent 3.2.3
Bmc Patrol Agent 3.2.5
Bmc Patrol Agent 3.4.11
Bmc Patrol Agent
Bmc Patrol Agent 3.2
Bmc Patrol Agent 3.2.7
6.5
CVSSv3
CVE-2022-35864
This vulnerability allows remote malicious users to disclose sensitive information on affected installations of BMC Track-It! 20.21.02.109. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetPopupSubQueryDetails endpoint. The issue re...
Bmc Track-it\\! 20.19.03
Bmc Track-it\\! 20.20.01
Bmc Track-it\\! 20.20.02
Bmc Track-it\\! 20.20.03
Bmc Track-it\\! 20.21.01
Bmc Track-it\\! 20.21.02
9.8
CVSSv3
CVE-2022-35865
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results f...
Bmc Track-it\\! 20.19.03
Bmc Track-it\\! 20.20.01
Bmc Track-it\\! 20.20.02
Bmc Track-it\\! 20.20.03
Bmc Track-it\\! 20.21.01
Bmc Track-it\\! 20.21.02
NA
CVE-1999-1460
BMC PATROL SNMP Agent prior to 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program.
Bmc Patrol Agent 3.2.5
Bmc Patrol Agent
Bmc Patrol Agent 3.2
Bmc Patrol Agent 3.2.3
1 EDB exploit
NA
CVE-2011-0975
Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in Performance Analysis for Servers, Performance Assurance for Servers, and Performance Assurance for Virtual Servers 7.4.00 up to and including 7.5.10; Performance Analyzer and Performance Predictor for Servers 7...
Bmc Performance Analysis For Servers 7.4.00
Bmc Performance Analysis For Servers 7.4.10
Bmc Performance Analysis For Servers 7.5.10
Bmc Performance Analysis For Servers 7.4.15
Bmc Performance Analysis For Servers 7.5.00
Bmc Performance Assurance For Servers 7.4.15
Bmc Performance Assurance For Servers 7.5.00
Bmc Performance Assurance For Servers 7.5.10
Bmc Performance Assurance For Servers 7.4.00
Bmc Performance Assurance For Servers 7.4.10
Bmc Performance Assurance For Virtual Servers 7.5.10
Bmc Performance Assurance For Virtual Servers 7.4.00
Bmc Performance Assurance For Virtual Servers 7.4.10
Bmc Performance Assurance For Virtual Servers 7.4.15
Bmc Performance Assurance For Virtual Servers 7.5.00
Bmc Performance Analyzer For Servers 7.4.15
Bmc Performance Analyzer For Servers 7.5.00
Bmc Performance Analyzer For Servers 7.5.10
Bmc Performance Analyzer For Servers 7.4.00
Bmc Performance Analyzer For Servers 7.4.10
Bmc Performance Predictor For Servers 7.4.10
Bmc Performance Predictor For Servers 7.4.15
7.5
CVSSv3
CVE-2016-1542
The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote malicious users to bypass authorization and enumerate users by sending an action packet to xmlrpc after an authorization failure.
Bmc Bladelogic Server Automation Console 8.3.02
Bmc Bladelogic Server Automation Console 8.7.00
Bmc Bladelogic Server Automation Console 8.3.00
Bmc Bladelogic Server Automation Console 8.2.02
Bmc Bladelogic Server Automation Console 8.6.00
Bmc Bladelogic Server Automation Console 8.5.01
Bmc Bladelogic Server Automation Console 8.2.03
Bmc Bladelogic Server Automation Console 8.3.01
Bmc Bladelogic Server Automation Console 8.2.04
Bmc Bladelogic Server Automation Console 8.5.00
Bmc Bladelogic Server Automation Console 8.3.03
2 EDB exploits
3 Github repositories
7.5
CVSSv3
CVE-2016-1543
The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote malicious users to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization fa...
Bmc Bladelogic Server Automation Console 8.6.00
Bmc Bladelogic Server Automation Console 8.5.01
Bmc Bladelogic Server Automation Console 8.2.04
Bmc Bladelogic Server Automation Console 8.2.03
Bmc Bladelogic Server Automation Console 8.5.00
Bmc Bladelogic Server Automation Console 8.3.03
Bmc Bladelogic Server Automation Console 8.3.02
Bmc Bladelogic Server Automation Console 8.3.01
Bmc Bladelogic Server Automation Console 8.7.00
Bmc Bladelogic Server Automation Console 8.3.00
Bmc Bladelogic Server Automation Console 8.2.02
2 EDB exploits
2 Github repositories
6.1
CVSSv3
CVE-2015-9257
BMC Remedy Action Request (AR) System 9.0 prior to 9.0.00 Service Pack 2 hot fix 1 has persistent XSS.
Bmc Remedy Action Request System 9.0.01
Bmc Remedy Action Request System 9.0.01.001
Bmc Remedy Action Request System 9.0.00.001
Bmc Remedy Action Request System 9.0.00
Bmc Remedy Action Request System 9.0.00.002
9.8
CVSSv3
CVE-2016-6599
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and passwo...
Bmc Track-it\\!
Bmc Track-it\\! 11.4
1 EDB exploit
9.8
CVSSv3
CVE-2016-6598
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to uploa...
Bmc Track-it\\!
Bmc Track-it\\! 11.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »