Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subscription-manager vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-41415
Subscription-Manager v1.0 /main.js has a cross-site scripting (XSS) vulnerability in the machineDetail parameter.
Subscription-manager Project Subscription-manager 1.0
7.8
CVSSv3
CVE-2017-2663
It was found that subscription-manager's DBus interface prior to 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local attacker could use these methods to gain access to private information, or ...
Redhat Subscription-manager
NA
CVE-2011-5136
showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote malicious users to overwrite arbitrary files via the db parameter.
Epractizelabs Subscription Manager 1.0
NA
CVE-2007-0402
Cross-site scripting (XSS) vulnerability in admin/edit_member.php in Easebay Resources Paypal Subscription Manager allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
Easebay Resources Paypal Subscription Manager
NA
CVE-2007-0403
SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote malicious users to execute arbitrary SQL commands via the keyword parameter.
Easebay Resources Paypal Subscription Manager
NA
CVE-2006-3961
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted ma...
Mcafee Internet Security Suite 2005
Mcafee Internet Security Suite 2006
Mcafee Quickclean 2004
Mcafee Quickclean 2005
Mcafee Spamkiller 6.0
Mcafee Spamkiller 7.0
Mcafee Virusscan 2004
Mcafee Personal Firewall Plus 2004
Mcafee Personal Firewall Plus 2005
Mcafee Quickclean 2006
Mcafee Security Center 4.3
Mcafee Antispyware 2005
Mcafee Personal Firewall Plus 2006
Mcafee Privacy Service 2004
Mcafee Security Center 6.0
Mcafee Security Center 6.0.22
Mcafee Wireless Home Network Security 2006
Mcafee Virusscan 2005
Mcafee Virusscan 2006
Mcafee Antispyware 2006
Mcafee Internet Security Suite 2004
Mcafee Privacy Service 2005
1 EDB exploit
7.8
CVSSv3
CVE-2023-3899
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.re...
Redhat Subscription-manager
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6
Redhat Enterprise Linux For Ibm Z Systems Eus 8.6
5.5
CVSSv3
CVE-2022-0851
There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the proce...
Convert2rhel Project Convert2rhel -
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
5.5
CVSSv3
CVE-2021-3585
A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager.
Openstack Tripleo Heat Templates
NA
CVE-2007-2584
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter prior to 6.0.25 and 7.x prior to 7.2.147 allows remote malicious users to execute arbitrary code via a crafted argument.
Mcafee Security Center 6.0
Mcafee Security Center 6.0.22
Mcafee Virusscan 2005
Mcafee Security Center 7.0
Mcafee Security Center 7.1
Mcafee Security Center 7.2
Mcafee Securitycenter Agent 6.0
Mcafee Security Center 4.3
Mcafee Virusscan 10.0.27
Mcafee Virusscan 2004
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »