CVE-2025-55110 BMC Control-M/Agent hardcoded default keystore password

Control-M/Agents use a kdb or PKCS12 keystore by default, and the default keystore password is well known and documented. An attacker with read access to the keystore could access sensitive data using this password...

CVE-2025-55110

CVE-2025-55110 concerns BMC Control-M/Agents that use a kdb or PKCS#12 keystore by default with a well-known, documented password. The available connected sources confirm that an attacker with read access to the keystore could disclose sensitive data using this password. The vulnerability centers...

BMC Control-M 安全漏洞

BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. An authentication bypass vulnerability exists in BMC Control-M that stems from an authentication bypass when using an empty or default kdb keystore or a default...

PT-2025-37941

Name of the Vulnerable Software and Affected Versions Control-M/Agent versions 9.0.18 through 9.0.20 Description Files with overly permissive permissions were identified, potentially exposing keys and passwords related to SSL files, keystores, and policies. An attacker with local access to the...

PT-2025-37940

Name of the Vulnerable Software and Affected Versions: Control-M/Agents affected versions not specified Description: Control-M/Agents utilize a kdb or PKCS12 keystore by default, employing a well-known and documented default password. An attacker possessing read access to the keystore can...

BMC Control-M 安全漏洞

BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. A security vulnerability exists in BMC Control-M that stems from the default use of the kdb or PKCS12 keystore with a known password, which can be exploited by an...

PT-2025-37924

Name of the Vulnerable Software and Affected Versions: Control-M/Agent versions 9.0.18 through 9.0.20 Control-M/Agent versions prior to 9.0.18 potentially earlier unsupported versions Description: An authentication bypass issue exists when using an empty or default kdb keystore or a default PKCS1...

Linux Distros Unpatched Vulnerability : CVE-2015-3863

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in the Blob class in keystore/keystore.cpp in Keystore in Android before 5.1.1 LMY48M allow attackers to execute arbitrary code and...

CVE-2025-9785

PaperCut Print Deploy is an optional component that integrates with PaperCut NG/MF which simplifies printer deployment and management. When the component is deployed to an environment, the customer has an option to configure the system to use a self-signed certificate. If the customer does not...

SAMSUNG Blockchain Keystore Code Execution Vulnerability

SAMSUNG Blockchain Keystore is a system tool for creating, storing, managing and backing up private keys from Samsung South Korea. A code execution vulnerability exists in SAMSUNG Blockchain Keystore, which can be exploited by an attacker to execute arbitrary code on the system...

SAMSUNG Blockchain Keystore Code Execution Vulnerability (CNVD-2025-20015)

SAMSUNG Blockchain Keystore is a system tool for creating, storing, managing and backing up private keys from Samsung South Korea. A code execution vulnerability exists in SAMSUNG Blockchain Keystore, which can be exploited by an attacker to execute arbitrary code on the system...

SAMSUNG Blockchain Keystore Information Disclosure Vulnerability

SAMSUNG Blockchain Keystore is a system tool for creating, storing, managing and backing up private keys from Samsung South Korea. An information disclosure vulnerability exists in SAMSUNG Blockchain Keystore, which is caused by an out-of-bounds read flaw. An attacker could exploit the...

SAMSUNG Blockchain Keystore Code Execution Vulnerability (CNVD-2025-20014)

SAMSUNG Blockchain Keystore is a system tool for creating, storing, managing and backing up private keys from Samsung South Korea. A code execution vulnerability exists in SAMSUNG Blockchain Keystore, which can be exploited by an attacker to execute arbitrary code on the system...

CVE-2025-21021

Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-21020

Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-21018

Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory...

CVE-2025-21017

Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-21021

Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-21020

Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-21018

Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory...