Lucene search

Version Control Repository Manager Security Vulnerabilities - February

cve

CVE-2005-2076

HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen.

6.7AI Score

0.002EPSS

2005-06-29 04:00 AM

cve

CVE-2010-3994

Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5.8AI Score

0.01EPSS

2010-10-28 08:00 PM

cve

CVE-2015-3113

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.

9.8CVSS

8.2AI Score

0.535EPSS

2015-06-23 09:59 PM

887

In Wild

cve

CVE-2015-5409

Buffer overflow in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors.

6.6AI Score

0.001EPSS

2015-08-26 06:59 PM

cve

CVE-2015-5410

HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to execute arbitrary code or cause a denial of service via unspecified vectors.

7.6AI Score

0.004EPSS

2015-08-26 06:59 PM

cve

CVE-2015-5411

HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtain sensitive information via unspecified vectors.

5.8AI Score

0.001EPSS

2015-08-26 06:59 PM

cve

CVE-2015-5412

Cross-site request forgery (CSRF) vulnerability in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

6.8AI Score

0.001EPSS

2015-08-26 06:59 PM

cve

CVE-2015-5413

HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain privileges and obtain sensitive information via unspecified vectors.

6.2AI Score

0.001EPSS

2015-08-26 06:59 PM

cve

CVE-2015-8651

Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code ...

8.8CVSS

9.6AI Score

0.418EPSS

2015-12-28 11:59 PM

872

In Wild

cve

CVE-2016-8513

A Cross-Site Request Forgery (CSRF) vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.

8CVSS

7.8AI Score

0.002EPSS

2018-02-15 10:29 PM

cve

CVE-2016-8514

A remote information disclosure in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.

6.5CVSS

6.7AI Score

0.001EPSS

2018-02-15 10:29 PM

cve

CVE-2016-8515

A remote malicious file upload vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.

8.8CVSS

8.1AI Score

0.005EPSS

2018-02-15 10:29 PM

cve

CVE-2017-5787

A remote denial of service vulnerability in HPE Version Control Repository Manager (VCRM) in all versions prior to 7.6 was found.

6.5CVSS

6.3AI Score

0.002EPSS

2018-02-15 10:29 PM