Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unisys vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-24620
Unisys Stealth(core) prior to 4.0.134 stores passwords in a recoverable format. Therefore, a search of Enterprise Manager can potentially reveal credentials.
Unisys Stealth
7.8
CVSSv3
CVE-2018-6592
Unisys Stealth 3.3 Windows endpoints prior to 3.3.016.1 allow local users to gain access to Stealth-enabled devices by leveraging improper cleanup of memory used for negotiation key storage.
Unisys Stealth
9.8
CVSSv3
CVE-2020-12053
In Unisys Stealth 3.4.x, 4.x and 5.x prior to 5.0.026, if certificate-based authorization is used without HTTPS, an endpoint could be authorized without a private key.
Unisys Stealth
7.8
CVSSv3
CVE-2021-3141
In Unisys Stealth (core) prior to 6.0.025.0, the Keycloak password is stored in a recoverable format that might be accessible by a local attacker, who could gain access to the Management Server and change the Stealth configuration.
Unisys Stealth
6.7
CVSSv3
CVE-2021-35056
Unisys Stealth 5.1 prior to 5.1.025.0 and 6.0 prior to 6.0.055.0 has an unquoted Windows search path for a scheduled task. An unintended executable might run.
Unisys Stealth
8.7
CVSSv3
CVE-2019-18386
Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel
Unisys Mcp Firmware
8.8
CVSSv3
CVE-2020-12647
Unisys ALGOL Compiler 58.1 prior to 58.1a.15, 59.1 prior to 59.1a.9, and 60.0 prior to 60.0a.5 can emit invalid code sequences under rare circumstances related to syntax. The resulting code could, for example, trigger a system fault or adversely affect confidentiality, integrity,...
Unisys Algol Compiler
7.5
CVSSv3
CVE-2021-43388
Unisys Cargo Mobile Application prior to 1.2.29 uses cleartext to store sensitive information, which might be revealed in a backup. The issue is addressed by ensuring that the allowBackup flag (in the manifest) is False.
Unisys Cargo Mobile
NA
CVE-2002-2179
The dynamic initialization feature of the ClearPath MCP environment allows remote malicious users to cause a denial of service (crash) via a TCP port scan using a tool such as nmap.
Unisys Clearpath Mcp
5.9
CVSSv3
CVE-2018-5762
The TLS implementation in the TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 58.1 prior to 58.160, 59.1 prior to 059.1a.17 (IC #17), and 60.0 prior to 60.044 might allow remote malicious users to decrypt TLS ciphertext data by leveraging a Bleichenbacher ...
Unisys Clearpath Mcp
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »