Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise asset management vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2013-6460
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
Nokogiri Nokogiri
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Cloudforms Management Engine 5.0
Redhat Enterprise Mrg 2.0
Redhat Openstack 3.0
Redhat Openstack 4.0
Redhat Satellite 6.0
Redhat Subscription Asset Manager -
6.5
CVSSv3
CVE-2013-6461
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
Nokogiri Nokogiri
Debian Debian Linux 10.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Redhat Openstack 4.0
Redhat Satellite 6.0
Redhat Subscription Asset Manager -
Redhat Openstack 3.0
Redhat Enterprise Mrg 2.0
Redhat Cloudforms Management Engine 5.0
6.1
CVSSv3
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
98 Github repositories
8.8
CVSSv3
CVE-2017-7952
INFOR EAM V11.0 Build 201410 has SQL injection via search fields, related to the filtervalue parameter.
Infor Enterprise Asset Management 11.0 Build 201410
1 EDB exploit
5.4
CVSSv3
CVE-2017-7953
INFOR EAM V11.0 Build 201410 has XSS via comment fields.
Infor Enterprise Asset Management 11.0
1 EDB exploit
NA
CVE-2015-0425
Unspecified vulnerability in the Oracle Enterprise Asset Management component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote malicious users to affect confidentiality via unknown vectors related to Siebel Core - Unix/Windows.
Oracle Siebel Crm 8.1.1
Oracle Siebel Crm 8.2.2
NA
CVE-2011-1509
The encryptPassword function in Login.js in ManageEngine ServiceDesk Plus (SDP) 8012 and previous versions uses a Caesar cipher for encryption of passwords in cookies, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network.
Manageengine Servicedesk Plus 8.0
Manageengine Servicedesk Plus
NA
CVE-2011-1510
Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus (SDP) prior to 8012 allows remote malicious users to inject arbitrary web script or HTML via the searchText parameter.
Manageengine Servicedesk Plus
NA
CVE-2011-15103
ManageEngine ServiceDesk Plus is a complete web based and ITIL ready service desk software with integrated asset management developed by ManageEngine, the Enterprise IT Management Software division of Zoho Corporation. The authentication process of ServiceDesk Plus obfuscates use...
NA
CVE-2007-0060
Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software prior to 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certa...
Broadcom Brightstor Portal 11.1
Broadcom Brightstor San Manager 11.1
Ca Etrust Admin 2.1
Ca Etrust Admin 2.4
Broadcom Unicenter Asset Management 3.1
Broadcom Cleverpath Ecm 3.5
Broadcom Cleverpath Olap 5.1
Broadcom Etrust Admin 8.0
Broadcom Etrust Admin 8.1
Broadcom Unicenter Asset Management 4.0
Ca Unicenter Asset Management 4.0
Broadcom Unicenter Data Transport Option 2.0
Ca Unicenter Management 5.0
Ca Unicenter Management 5.0.1
Broadcom Unicenter Service Level Management 3.0.1
Broadcom Unicenter Service Level Management 3.0.2
Broadcom Unicenter Tng 2.1
Broadcom Unicenter Tng 2.2
Broadcom Brightstor San Manager 11.5
Broadcom Cleverpath Aion 10.0
Ca Etrust Admin 2.7
Ca Etrust Admin 2.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »