Filtered by vendor Bmc
Subscribe
Total
52 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1460 | 1 Bmc | 1 Patrol Agent | 2016-10-17 | 7.2 HIGH | N/A |
| BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program. | |||||
| CVE-2014-4872 | 1 Bmc | 1 Bmc Track-it\! | 2016-06-29 | 7.5 HIGH | N/A |
| BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService. | |||||
| CVE-2014-4874 | 1 Bmc | 1 Bmc Track-it\! | 2016-06-28 | 4.0 MEDIUM | N/A |
| BMC Track-It! 11.3.0.355 allows remote authenticated users to read arbitrary files by visiting the TrackItWeb/Attachment page. | |||||
| CVE-2014-4873 | 1 Bmc | 1 Bmc Track-it\! | 2015-09-10 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data. | |||||
| CVE-2014-8270 | 1 Bmc | 1 Bmc Track-it\! | 2014-12-12 | 5.0 MEDIUM | N/A |
| BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset. | |||||
| CVE-2014-2591 | 1 Bmc | 1 Patrol Agent | 2014-06-24 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting. | |||||
| CVE-2013-4945 | 1 Bmc | 1 Service Desk Express | 2013-07-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to execute arbitrary SQL commands via the (1) ASPSESSIONIDASSRATTQ, (2) TABLE_WIDGET_1, (3) TABLE_WIDGET_2, (4) browserDateTimeInfo, or (5) browserNumberInfo cookie parameter to DashBoardGUI.aspx; or the (6) UID parameter to login.aspx. | |||||
| CVE-2013-4946 | 1 Bmc | 1 Service Desk Express | 2013-07-29 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to inject arbitrary web script or HTML via the (1) SelTab parameter to QV_admin.aspx, the (2) CallBack parameter to QV_grid.aspx, or the (3) HelpPage parameter to commonhelp.aspx. | |||||
| CVE-2012-2959 | 1 Bmc | 1 Identity Management Suite | 2012-06-11 | 5.1 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords. | |||||
| CVE-1999-0921 | 1 Bmc | 1 Patrol Agent | 2008-09-09 | 5.0 MEDIUM | N/A |
| BMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service. | |||||
| CVE-1999-0801 | 1 Bmc | 1 Patrol Agent | 2008-09-09 | 10.0 HIGH | N/A |
| BMC Patrol allows remote attackers to gain access to an agent by spoofing frames. | |||||
| CVE-1999-0443 | 1 Bmc | 1 Patrol Agent | 2008-09-09 | 10.0 HIGH | N/A |
| Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password. | |||||