Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26550
A SQL injection vulnerability in BMC Control-M prior to 9.0.20.214 allows malicious users to execute arbitrary SQL commands via the memname JSON field.
Bmc Control-m
668
VMScore
CVE-2007-1972
PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify configuration files, which allows remote malicious users to execute arbitrary code via a request on TCP port 3181 for modification of the masterAgentName and masterAgentStartLine SNM...
Bmc Performance Manager
725
VMScore
CVE-2018-20735
An issue exists in BMC PATROL Agent up to and including 11.3.01. It was found that the PatrolCli application can allow for lateral movement and escalation of privilege inside a Windows Active Directory environment. It was found that by default the PatrolCli / PATROL Agent applica...
Bmc Patrol Agent
1 EDB exploit
614
VMScore
CVE-2014-2591
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.
Bmc Patrol Agent 3.9.00
490
VMScore
CVE-2019-11216
BMC Smart Reporting 7.3 20180418 allows authenticated XXE within the import functionality. One can import a malicious XML file and perform XXE attacks to download local files from the server, or do DoS attacks with XML expansion attacks. XXE with direct response and XXE OOB are a...
Bmc Remedy Smart Reporting
668
VMScore
CVE-2007-2136
Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote malicious users to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed.
Bmc Patrol Perform Agent
890
VMScore
CVE-1999-0443
Patrol management software allows a remote malicious user to conduct a replay attack to steal the administrator password.
Bmc Patrol Agent 3.2.3
760
VMScore
CVE-2014-4872
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote malicious users to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or ...
Bmc Track-it\\! 11.3.0.355
2 EDB exploits
1 Github repository
655
VMScore
CVE-2014-4873
SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data.
Bmc Track-it\\! 11.3.0.355
1 EDB exploit
668
VMScore
CVE-2019-16755
BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote malicious users to perform pre-authenticated remote commands execution on the Operating System running the targeted application. Affected DWP versions: versio...
Bmc Myit Digital Workplace
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »