Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-6113
Cross-site scripting (XSS) vulnerability in the Web Reports component in IBM Tivoli Endpoint Manager 9.1 prior to 9.1.1229 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Tivoli Endpoint Manager
NA
CVE-2014-6137
Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page in IBM Tivoli Endpoint Manager 9.1 prior to 9.1.1229 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Tivoli Endpoint Manager
1 EDB exploit
8.8
CVSSv3
CVE-2015-8154
The SysPlant.sys driver in the Application and Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6-MP4 allows remote malicious users to execute arbitrary code via a crafted HTML document, related to "RWX Permissions."
Symantec Endpoint Protection Manager
1 Article
6.1
CVSSv3
CVE-2017-17442
In BlackBerry UEM Management Console version 12.7.1 and previous versions, a reflected cross-site scripting vulnerability that could allow an malicious user to execute script commands in the context of the affected UEM Management Console account by crafting a malicious link and t...
Blackberry Unified Endpoint Manager
9.8
CVSSv3
CVE-2018-13052
In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin.
Cyberark Endpoint Privilege Manager -
7.2
CVSSv3
CVE-2023-35081
A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.
Ivanti Endpoint Manager Mobile
1 Github repository
3 Articles
9.8
CVSSv3
CVE-2023-35082
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier.
Ivanti Endpoint Manager Mobile
1 Article
8.8
CVSSv3
CVE-2013-5461
IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote malicious users to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309.
Ibm Endpoint Manager For Remote Control 9.0.1
Ibm Endpoint Manager For Remote Control 9.0.0
Ibm Tivoli Remote Control 5.1.2
NA
CVE-2015-1486
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote malicious users to bypass authentication via a crafted password-reset action that triggers a new administrative session.
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
NA
CVE-2015-1487
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename.
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »