Lucene search
K

218 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-17345

Malicious code in bioql PyPI...

7.8CVSS6.3AI score0.00491EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29564

Malicious code in bioql PyPI...

8.9CVSS6.3AI score0.00343EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-17344

Malicious code in bioql PyPI...

6.8CVSS6.3AI score0.00491EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-42868

Malicious code in bioql PyPI...

9.8CVSS9AI score0.00558EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29570

Malicious code in bioql PyPI...

7.6CVSS6.6AI score0.00202EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-29572

Malicious code in bioql PyPI...

5.7CVSS6.6AI score0.0012EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29573

Malicious code in bioql PyPI...

5.7CVSS6.6AI score0.00126EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-17346

Malicious code in bioql PyPI...

6.8CVSS6.3AI score0.00491EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2025-23950

Malicious code in bioql PyPI...

7.8CVSS6.6AI score0.00114EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29565

Malicious code in bioql PyPI...

6.3CVSS6.3AI score0.00308EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.10 views

CVE-2025-55114

The improper order of AUTHORIZEDCTMIP validation in the Control-M/Agent, where the Control-M/Server IP address is validated only after the SSL/TLS handshake is completed, exposes the Control-M/Agent to vulnerabilities in the SSL/TLS implementation under certain non-default conditions e.g...

8.9CVSS6.7AI score0.00362EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.7 views

CVE-2025-55115

A path traversal in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions. This vulnerability wa...

9.3CVSS6.8AI score0.00161EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.14 views

CVE-2025-55113

If the Access Control List is enforced by the Control-M/Agent and the C router is in use default in Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions; non-default but configurable using the JAVAAR setting in newer versions, the verification stop...

9.5CVSS6.8AI score0.00271EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.12 views

CVE-2025-55116

A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions...

9.3CVSS7.2AI score0.0015EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.11 views

CVE-2025-55112

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between th...

7.6CVSS6.7AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.3 views

CVE-2025-55118

Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "useopenssl=n"; Control-M/Agent 9.0.21 and 9.0.22: Agent router...

8.9CVSS6.7AI score0.00343EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.6 views

CVE-2025-55110

Control-M/Agents use a kdb or PKCS12 keystore by default, and the default keystore password is well known and documented. An attacker with read access to the keystore could access sensitive data using this password...

5.7CVSS6.7AI score0.00126EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.4 views

CVE-2025-55117

A stack-based buffer overflow can be remotely triggered when formatting an error message in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "useopenssl=n";...

6.3CVSS7.1AI score0.00308EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.8 views

CVE-2025-55109

An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions when using an empty or default kdb keystore or a default PKCS12 keystore. A remote attacker with access to a signed third-party or demo...

9.5CVSS7.1AI score0.00329EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/18 12:0 a.m.1 views

Unspecified Vulnerability in BMC Control-M (CNVD-2025-22540)

BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. A security vulnerability exists in BMC Control-M that stems from the default use of the kdb or PKCS12 keystore with a known password, which can be exploited by an...

5.7CVSS6.8AI score0.00126EPSS
Exploits0References1
Rows per page
Query Builder