Max CVSS 9.0 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-9022 7.5
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.
03-10-2019 - 00:03 18-06-2018 - 18:29
CVE-2018-9021 7.5
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
03-10-2019 - 00:03 18-06-2018 - 18:29
CVE-2015-4669 7.2
The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system.
09-10-2018 - 19:57 25-09-2017 - 17:29
CVE-2015-4668 5.8
Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter.
09-10-2018 - 19:57 25-09-2017 - 17:29
CVE-2015-4667 7.5
Multiple hardcoded credentials in Xsuite 2.x.
09-10-2018 - 19:57 25-09-2017 - 17:29
CVE-2018-9027 4.3
A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link.
10-08-2018 - 14:07 18-06-2018 - 18:29
CVE-2015-4664 7.5
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.
09-08-2018 - 18:35 18-06-2018 - 18:29
CVE-2018-9029 7.5
An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.
09-08-2018 - 11:03 18-06-2018 - 18:29
CVE-2018-9028 5.0
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.
09-08-2018 - 11:03 18-06-2018 - 18:29
CVE-2018-9026 5.0
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.
09-08-2018 - 11:02 18-06-2018 - 18:29
CVE-2018-9025 5.0
An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.
09-08-2018 - 11:01 18-06-2018 - 18:29
CVE-2018-9024 5.0
An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.
09-08-2018 - 10:57 18-06-2018 - 18:29
CVE-2018-9023 9.0
An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.
09-08-2018 - 10:56 18-06-2018 - 18:29
CVE-2015-4666 5.0
Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// (quadruple dot double slash) in the logFile parameter.
19-06-2018 - 01:29 13-08-2015 - 14:59
CVE-2015-4665 4.3
Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium Xsuite 2.4.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the fileName parameter.
19-06-2018 - 01:29 13-08-2015 - 14:59
Back to Top Mark selected
Back to Top