Gallagher Command Centre Server 安全漏洞

Gallagher Command Centre Server is a management system used by Gallagher New Zealand to monitor and manage infrastructure in buildings. A security vulnerability exists in Gallagher Command Centre Server that stems from a privilege context switching error that could lead to cross-departmental...

CVE-2019-11661

Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data...

Bosch Synchronizer 安全漏洞

Bosch Synchronizer is a network synchronizer from Bosch Germany. A security vulnerability exists in Bosch Synchronizer versions prior to 9.30 that stems from a command injection vulnerability...

CVE-2019-11663

Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure...

CVE-2019-11665

Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure...

CVE-2018-18591 MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data

A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data...

CVE-2018-18589

A potential Remote Arbitrary Code Execution vulnerability has been identified in Micro Focus' Real User Monitoring software, versions 9.26IP, 9.30, 9.40 and 9.50. The vulnerability could be exploited to execute arbitrary code...

CVE-2018-6494

Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data...

Input validation

In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 version 9.21 and prior, RX3i CPE 400 version 9.30 and prior, PACSystems RSTi-EP CPE 100 all versions, and PACSystems CPU320/CRU320 RXi all versions, the device does not properly validate input, which could allow a remote attacke...

CVE-2017-8993

A Remote Cross-Site Scripting vulnerability in HPE Project and Portfolio Management PPM version v9.30, v9.31, v9.32, v9.40 was found...

CVE-2017-14350

A potential security vulnerability has been identified in HPE Application Performance Management BSM Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code execution...

CVE-2017-13984

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to delete arbitrary files via servlet directory traversal...

CVE-2017-13982

A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files...

CVE-2017-13985

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to traverse directory leading to disclosure of information...

CVE-2017-13983

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication...

Design/Logic Flaw

A potential security vulnerability has been identified in HPE Application Performance Management BSM Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code execution...

CVE-2017-13985

The CVE-2017-13985 issue affects HPE BSM Platform Application Performance Management System Health (versions 9.26, 9.30, 9.40). The vulnerability is a path traversal/authentication flaw in the Email Servlet that leads to information disclosure. The ZDI advisory notes that exploitation requires au...

HPE BSM Platform Application Performance Management System Health Path Traversal Vulnerability

HPE BSM Platform Application Performance Management System Health is a suite of application performance management systems for the BSM platform from Hewlett Packard Enterprise HPE. A path traversal vulnerability exists in HPE BSM Platform Application Performance Management System Health versions...

HPE BSM Platform Application Performance Management System Health Path Traversal Vulnerability (CNVD-2017-33007)

HPE BSM Platform Application Performance Management System Health is a suite of application performance management systems for the BSM platform from Hewlett Packard Enterprise HPE. A path traversal vulnerability exists in HPE BSM Platform Application Performance Management System Health versions...

HP Service Manager RCE Vulnerability (Jul 2016)

HP Service Manager is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...