Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 74.1%.
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to bypass authentication via unknown vectors, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 77.7%.
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 77.2%.
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 77.2%.
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors, aka. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote attackers to bypass authentication, and obtain VPN access or. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Clientless SSL VPN feature in Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.7), 8.6.x before 8.6(1.12), 9.0.x before 9.0(2.6),. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
SQL injection vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to execute arbitrary SQL commands via unspecified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to bypass intended access restrictions via unknown. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
The SQL*Net inspection engine in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18),. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(7), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
Race condition in the HTTP Deep Packet Inspection (DPI) feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.5), 8.5.x before. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption). Rated medium severity (CVSS 6.9). No vendor patch available.
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.
The fabric-interconnect component in Cisco Unified Computing System (UCS) uses the same privilege level for execution of every script, which allows local users to gain privileges and execute. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.
Cross-site request forgery (CSRF) vulnerability in the Data Quality Console and Information Analyzer components in IBM InfoSphere Information Server 8.7 through FP2 and 9.1 through 9.1.2.0 allows. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.
The authorization functionality in Cisco Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(25) and 4.x before 4.1(13), when multiple-context mode is enabled, allows local users to read or. Rated medium severity (CVSS 6.6). No vendor patch available.
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (component crash) via crafted "debug hardware" parameters, aka Bug ID. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted parameters to a file-related command, aka. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.
The remote-access VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.6.x before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.