Filtered by vendor Ca
Subscribe
Total
138 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2740 | 1 Ca | 1 Host-based Intrusion Prevention System | 2018-10-10 | 5.0 MEDIUM | N/A |
| kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet. | |||||
| CVE-2009-2026 | 1 Ca | 4 Advantage Data Transport, It Client Manager, Software Delivery and 1 more | 2018-10-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager r12 allows remote attackers to execute arbitrary code via crafted data. | |||||
| CVE-2009-1761 | 1 Ca | 1 Arcserve Backup | 2018-10-10 | 5.0 MEDIUM | N/A |
| The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error. | |||||
| CVE-2009-0682 | 1 Ca | 1 Internet Security Suite | 2018-10-10 | 2.1 LOW | N/A |
| vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Suite r4, and vetmonnt.sys before 10.0.0.217 in Internet Security Suite r5 do not properly verify IOCTL calls, which allows local users to cause a denial of service (system crash) via a crafted call. | |||||
| CVE-2011-3011 | 1 Ca | 1 Arcserve D2d | 2018-10-09 | 5.0 MEDIUM | N/A |
| BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors. | |||||
| CVE-2011-1825 | 1 Ca | 1 Arcot Webfort Versatile Authentication Server | 2018-10-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Administrative Console in CA Arcot WebFort Versatile Authentication Server (VAS) before 6.2.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1899 | 1 Ca | 1 Ehealth | 2018-10-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CA eHealth 6.0.x, 6.1.x, 6.2.1, and 6.2.2 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters. | |||||
| CVE-2011-1826 | 1 Ca | 1 Arcot Webfort Versatile Authentication Server | 2018-10-09 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the Administrative Console in CA Arcot WebFort Versatile Authentication Server (VAS) before 6.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2011-1036 | 1 Ca | 3 Host-based Intrusion Prevention System, Internet Security Suite 2010, Internet Security Suite 2011 | 2018-10-09 | 8.8 HIGH | N/A |
| The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods. | |||||
| CVE-2011-0758 | 1 Ca | 2 Etrust Secure Content Manager, Gateway Security | 2018-10-09 | 10.0 HIGH | N/A |
| The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow. | |||||
| CVE-2012-6299 | 1 Ca | 1 Identityminder | 2018-08-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2012-6298 | 1 Ca | 1 Identityminder | 2018-08-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to execute arbitrary commands or modify data via unknown vectors. | |||||
| CVE-2018-9027 | 1 Ca | 1 Ca Privileged Access Manager | 2018-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link. | |||||
| CVE-2018-8953 | 1 Ca | 1 Workload Automation Ae | 2018-05-17 | 6.5 MEDIUM | 8.8 HIGH |
| CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request. | |||||
| CVE-2018-8954 | 1 Ca | 1 Workload Control Center | 2018-05-17 | 7.5 HIGH | 9.8 CRITICAL |
| CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a crafted HTTP request. | |||||
| CVE-2012-5973 | 1 Ca | 1 Xcom Data Transport | 2017-12-07 | 10.0 HIGH | N/A |
| CA XCOM Data Transport r11.0 and r11.5 on UNIX and Linux allows remote attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2000-0781 | 1 Ca | 1 Arcserve Backup | 2017-10-09 | 7.2 HIGH | N/A |
| uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved. | |||||
| CVE-2017-9393 | 1 Ca | 2 Identity Manager, Identity Manager Virtual Appliance | 2017-10-05 | 5.0 MEDIUM | 9.8 CRITICAL |
| CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search. | |||||
| CVE-2014-8474 | 1 Ca | 1 Cloud Service Management | 2017-09-07 | 7.5 HIGH | N/A |
| CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
| CVE-2014-8473 | 1 Ca | 1 Cloud Service Management | 2017-09-07 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||