CVE-2021-22514

An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM...

Micro Focus Application Performance Management 代码注入漏洞

Micro Focus Application Performance Management is a comprehensive monitoring system from infrastructure to applications from Micro Focus UK. A code execution vulnerability exists in Micro Focus Application Performance Management versions 9.40, 9.50, and 9.51, which can be exploited by an attacker...

CVE-2021-22500

Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could be exploited by attacker to trick the users into executing actions of the attacker's choosing...

Design/Logic Flaw

HTTP methods reveled in Web services vulnerability in Micro Focus Service manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...

CVE-2020-9519

HTTP methods reveled in Web services vulnerability in Micro Focus Service manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...

CVE-2020-9519

The CVE-2020-9519 entry concerns Micro Focus Service Manager (server) with an exposure of configuration data. Affected versions are 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, and 9.63. The documents indicate the issue arises from handling HTTP methods in web services, enabling partial confid...

CVE-2017-8993

A Remote Cross-Site Scripting vulnerability in HPE Project and Portfolio Management PPM version v9.30, v9.31, v9.32, v9.40 was found...

CVE-2017-13984

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to delete arbitrary files via servlet directory traversal...

CVE-2017-13982

A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files...

CVE-2017-13985

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to traverse directory leading to disclosure of information...

HPE BSM Platform Application Performance Management System Health Path Traversal Vulnerability

HPE BSM Platform Application Performance Management System Health is a suite of application performance management systems for the BSM platform from Hewlett Packard Enterprise HPE. A path traversal vulnerability exists in HPE BSM Platform Application Performance Management System Health versions...

HPE BSM Platform Application Performance Management System Health Path Traversal Vulnerability (CNVD-2017-33007)

HPE BSM Platform Application Performance Management System Health is a suite of application performance management systems for the BSM platform from Hewlett Packard Enterprise HPE. A path traversal vulnerability exists in HPE BSM Platform Application Performance Management System Health versions...

HPE Asset Manager Arbitrary Code Execution Vulnerability

HP AssetManager is a solution for managing the lifecycle of IT assets. A security vulnerability exists in HPE Asset Manager 9.40, 9.41, 9.50, and Asset Manager CloudSystem Chargeback 9.40, which can be exploited by remote attackers to execute arbitrary commands via constructed serialized Java...

CVE-2014-2611

Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120...

IBM Informix Dynamic Server存在多个漏洞

IBM Informix Dynamic Server是一款多线索数据库服务器。 IBM Informix Dynamic Server存在多个安全问题，远程攻击者可以利用漏洞获得敏感信息或者以进程权限执行任意代码。 具体问题包括： -LOTOFILE、DBINFO、FILETOCLOB、getname、ifxfiletofile函数缓冲区溢出。 -在sysmaster中通过dbimp和dbexp过程执行任意命令。 -windows版本上超长用户名缓冲区溢出。 -通过SET DEBUG FILE执行任意命令。 -SET DEBUG FILE缓冲区溢出 -通过C code UDR提权...