CVE-2022-26088

An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML such as an SSRF payload into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of recipients" field...

CVE-2019-16755

BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authenticated remote commands execution on the Operating System running the targeted application. Affected DWP versions: versions: 3.x to 18.x, all...

EUVD-2017-9360

Malware in sbrugna...

EUVD-2015-9100

Malware in sbrugna...

EUVD-2017-8834

Malware in sbrugna...

EUVD-2017-8831

Malware in sbrugna...

EUVD-2007-0312

Malware in sbrugna...

EUVD-2017-9355

Malware in sbrugna...

EUVD-2018-10573

Malware in sbrugna...

EUVD-2019-7292

Malware in sbrugna...

EUVD-2017-8835

Malware in sbrugna...

EUVD-2018-11194

Malware in sbrugna...

EUVD-2015-5087

Malware in sbrugna...

EUVD-2016-3433

Malware in sbrugna...

EUVD-2022-30656

Malicious code in bioql PyPI...

EUVD-2024-54199

Malicious code in bioql PyPI...

CVE-2024-34399

UNSUPPORTED WHEN ASSIGNED An issue was discovered in BMC Remedy Mid Tier 7.6.04. An unauthenticated remote attacker is able to access any user account without using any password. NOTE: This vulnerability only affects products that are no longer supported by the maintainer and the impacted version...

CVE-2017-18228

Remedy Mid Tier in BMC Remedy AR System 9.1 allows XSS via the ATTKey parameter in an arsys/servlet/AttachServlet request...

CVE-2015-9257

BMC Remedy Action Request AR System 9.0 before 9.0.00 Service Pack 2 hot fix 1 has persistent XSS...

CVE-2017-17677

BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code...