Lucene search
K

29 matches found

CVE
CVE
added 5 days ago10 views

CVE-2026-10538

This CVE affects Control-M components (Control-M/Server and Control-M/Enterprise Manager) with a deserialization vulnerability in the messaging consumer. The issue arises from deserializing user-controlled data without strict control of allowed object types in versions 9.0.20.x and potentially ea...

8.9CVSS5.8AI score0.00246EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/27 1:19 a.m.30 views

CVE-2023-37524 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service

HCL Traveler for Microsoft Outlook HTMO is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service. Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerabl...

7.7CVSS0.00108EPSS
Exploits0References1
CVE
CVE
added 2026/06/27 1:19 a.m.10 views

CVE-2023-37524

Technical details (affected product/version, root cause, and remediation) are not publicly available in the provided documents. Monitor for updates from official sources regarding CVE-2023-37524.

7.7CVSS5.8AI score0.00108EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/09 10:0 p.m.20 views

CVE-2026-5984 D-Link DIR-605L POST Request formSetLog buffer overflow

A vulnerability was identified in D-Link DIR-605L 2.13B01. Impacted is the function formSetLog of the file /goform/formSetLog of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out remotely. The exploit is...

9CVSS0.00784EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/09 10:0 p.m.4 views

CVE-2026-5984 D-Link DIR-605L POST Request formSetLog buffer overflow

A vulnerability was identified in D-Link DIR-605L 2.13B01. Impacted is the function formSetLog of the file /goform/formSetLog of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out remotely. The exploit is...

9CVSS7.8AI score0.00784EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/15 7:32 p.m.33 views

CVE-2026-4188 D-Link DIR-619L boa formSchedule stack-based overflow

A security flaw has been discovered in D-Link DIR-619L 2.06B01. The affected element is the function formSchedule of the file /goform/formSchedule of the component boa. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack may be initiated remotely...

9CVSS0.00453EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/31 11:5 a.m.7 views

CVE-2025-15245

A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path traversal. The attack must originate from the local network. The exploit has been made public and...

5.1CVSS6.4AI score0.00536EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-8743

Malware in sbrugna...

6.1CVSS6.3AI score0.00823EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-28885

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.15815EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29570

Malicious code in bioql PyPI...

7.6CVSS6.6AI score0.00202EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.13 views

CVE-2025-55116

A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions...

9.3CVSS7.2AI score0.0015EPSS
Exploits0References1
NVD
NVD
added 2025/09/16 1:16 p.m.6 views

CVE-2025-55112

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between th...

7.6CVSS0.00202EPSS
Exploits0References2
OSV
OSV
added 2025/09/16 1:16 p.m.5 views

CVE-2025-55111

Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions as well as in newer versions which were upgraded from an affected version. These files contain keys and passwords relating ...

5.7CVSS5.8AI score0.0012EPSS
Exploits0References2
OSV
OSV
added 2025/09/16 1:16 p.m.5 views

CVE-2025-55109

An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions when using an empty or default kdb keystore or a default PKCS12 keystore. A remote attacker with access to a signed third-party or demo...

9.5CVSS5.9AI score0.00329EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/16 12:20 p.m.9 views

CVE-2025-55113 BMC Control-M/Agent unescaped NULL byte in access control list checks

If the Access Control List is enforced by the Control-M/Agent and the C router is in use default in Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions; non-default but configurable using the JAVAAR setting in newer versions, the verification stop...

9.5CVSS0.00271EPSS
Exploits0References2
CVE
CVE
added 2025/09/16 12:20 p.m.23 views

CVE-2025-55113

Summary: CVE-2025-55113 affects BMC/Control-M environments where the ACL check is enforced by the Control-M/Agent and the C router is in use. The vulnerability arises when the verification stops at the first NULL byte in the email address within the client certificate, allowing an attacker to byp...

10CVSS6.4AI score0.00271EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/16 12:18 p.m.3 views

CVE-2025-55111 BMC Control-M/Agent insecure default file permissions

Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions as well as in newer versions which were upgraded from an affected version. These files contain keys and passwords relating ...

5.7CVSS6.3AI score0.0012EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.5 views

PT-2025-37945

Name of the Vulnerable Software and Affected Versions: Control-M/Agent versions 9.0.18 through 9.0.20 Description: A path traversal in Control-M/Agent can lead to local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts out-of-support...

9.3CVSS6.4AI score0.00161EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.5 views

PT-2025-37942

Name of the Vulnerable Software and Affected Versions: Control-M/Agent versions 9.0.18 through 9.0.20 Description: Out-of-support versions of Control-M/Agent configured to use the non-default Blowfish cryptography algorithm utilize a hardcoded key. An attacker with network access and knowledge of...

7.6CVSS6.2AI score0.00202EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/06 2:32 p.m.2 views

CVE-2025-10034 D-Link DIR-825 httpd ping6_response.cg get_ping6_app_stat buffer overflow

A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function getping6appstat of the file ping6response.cg of the component httpd. Performing manipulation of the argument ping6ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

9CVSS8.8AI score0.00869EPSS
Exploits1References5
Rows per page
Query Builder