Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2008-5982
Format string vulnerability in BMC PATROL Agent prior to 3.7.30 allows remote malicious users to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message.
Bmc Patrol Agent 3.4.00
Bmc Patrol Agent 3.3.00
Bmc Patrol Agent 3.2.3
Bmc Patrol Agent 3.2.5
Bmc Patrol Agent 3.4.11
Bmc Patrol Agent
Bmc Patrol Agent 3.2
Bmc Patrol Agent 3.2.7
NA
CVE-2022-35864
This vulnerability allows remote malicious users to disclose sensitive information on affected installations of BMC Track-It! 20.21.02.109. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetPopupSubQueryDetails endpoint. The issue re...
Bmc Track-it\\! 20.19.03
Bmc Track-it\\! 20.20.01
Bmc Track-it\\! 20.20.02
Bmc Track-it\\! 20.20.03
Bmc Track-it\\! 20.21.01
Bmc Track-it\\! 20.21.02
NA
CVE-2022-35865
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results f...
Bmc Track-it\\! 20.19.03
Bmc Track-it\\! 20.20.01
Bmc Track-it\\! 20.20.02
Bmc Track-it\\! 20.20.03
Bmc Track-it\\! 20.21.01
Bmc Track-it\\! 20.21.02
725
VMScore
CVE-1999-1460
BMC PATROL SNMP Agent prior to 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program.
Bmc Patrol Agent 3.2.5
Bmc Patrol Agent
Bmc Patrol Agent 3.2
Bmc Patrol Agent 3.2.3
1 EDB exploit
890
VMScore
CVE-2011-0975
Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in Performance Analysis for Servers, Performance Assurance for Servers, and Performance Assurance for Virtual Servers 7.4.00 up to and including 7.5.10; Performance Analyzer and Performance Predictor for Servers 7...
Bmc Performance Analysis For Servers 7.4.00
Bmc Performance Analysis For Servers 7.4.10
Bmc Performance Analysis For Servers 7.5.10
Bmc Performance Analysis For Servers 7.4.15
Bmc Performance Analysis For Servers 7.5.00
Bmc Performance Assurance For Servers 7.4.15
Bmc Performance Assurance For Servers 7.5.00
Bmc Performance Assurance For Servers 7.5.10
Bmc Performance Assurance For Servers 7.4.00
Bmc Performance Assurance For Servers 7.4.10
Bmc Performance Assurance For Virtual Servers 7.5.10
Bmc Performance Assurance For Virtual Servers 7.4.00
Bmc Performance Assurance For Virtual Servers 7.4.10
Bmc Performance Assurance For Virtual Servers 7.4.15
Bmc Performance Assurance For Virtual Servers 7.5.00
Bmc Performance Analyzer For Servers 7.4.15
Bmc Performance Analyzer For Servers 7.5.00
Bmc Performance Analyzer For Servers 7.5.10
Bmc Performance Analyzer For Servers 7.4.00
Bmc Performance Analyzer For Servers 7.4.10
Bmc Performance Predictor For Servers 7.4.10
Bmc Performance Predictor For Servers 7.4.15
511
VMScore
CVE-2016-1542
The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote malicious users to bypass authorization and enumerate users by sending an action packet to xmlrpc after an authorization failure.
Bmc Bladelogic Server Automation Console 8.3.02
Bmc Bladelogic Server Automation Console 8.7.00
Bmc Bladelogic Server Automation Console 8.3.00
Bmc Bladelogic Server Automation Console 8.2.02
Bmc Bladelogic Server Automation Console 8.6.00
Bmc Bladelogic Server Automation Console 8.5.01
Bmc Bladelogic Server Automation Console 8.2.03
Bmc Bladelogic Server Automation Console 8.3.01
Bmc Bladelogic Server Automation Console 8.2.04
Bmc Bladelogic Server Automation Console 8.5.00
Bmc Bladelogic Server Automation Console 8.3.03
2 EDB exploits
3 Github repositories
511
VMScore
CVE-2016-1543
The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote malicious users to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization fa...
Bmc Bladelogic Server Automation Console 8.6.00
Bmc Bladelogic Server Automation Console 8.5.01
Bmc Bladelogic Server Automation Console 8.2.04
Bmc Bladelogic Server Automation Console 8.2.03
Bmc Bladelogic Server Automation Console 8.5.00
Bmc Bladelogic Server Automation Console 8.3.03
Bmc Bladelogic Server Automation Console 8.3.02
Bmc Bladelogic Server Automation Console 8.3.01
Bmc Bladelogic Server Automation Console 8.7.00
Bmc Bladelogic Server Automation Console 8.3.00
Bmc Bladelogic Server Automation Console 8.2.02
2 EDB exploits
2 Github repositories
383
VMScore
CVE-2015-9257
BMC Remedy Action Request (AR) System 9.0 prior to 9.0.00 Service Pack 2 hot fix 1 has persistent XSS.
Bmc Remedy Action Request System 9.0.01
Bmc Remedy Action Request System 9.0.01.001
Bmc Remedy Action Request System 9.0.00.001
Bmc Remedy Action Request System 9.0.00
Bmc Remedy Action Request System 9.0.00.002
1000
VMScore
CVE-2016-6598
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to uploa...
Bmc Track-it\\!
Bmc Track-it\\! 11.4
1 EDB exploit
755
VMScore
CVE-2016-6599
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and passwo...
Bmc Track-it\\!
Bmc Track-it\\! 11.4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »