Skip to main content

Configuration Manager

12 CVEs product

Monthly

CVE-2025-0976 MEDIUM This Month

Configuration Manager versions up to 11.0.4-00 is affected by insertion of sensitive information into log file (CVSS 4.7).

Information Disclosure Configuration Manager Ops Center Api Configuration Manager
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-5781 MEDIUM This Month

Configuration Manager versions up to 11.0.5-00 is affected by insertion of sensitive information into log file (CVSS 5.2).

Information Disclosure Ops Center Api Configuration Manager Device Manager Configuration Manager
NVD
CVSS 3.1
5.2
EPSS
0.0%
CVE-2023-35867 MEDIUM This Month

An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Building Integration System Video Engine Bosch Video Management System Video Management System Viewer Configuration Manager +10
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2022-35415 HIGH This Week

An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Configuration Manager
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-2984 HIGH This Week

Vulnerability in the Oracle Configuration Manager product of Oracle Enterprise Manager (component: Discovery and collection script). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Configuration Manager
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-12723 HIGH PATCH This Week

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Perl Oncommand Workflow Automation Snap Creator Framework Fedora +12
NVD GitHub
CVSS 3.1
7.5
EPSS
6.0%
CVE-2020-10878 HIGH PATCH This Week

Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Perl Fedora Leap +14
NVD GitHub
CVSS 3.1
8.6
EPSS
4.9%
CVE-2020-10543 HIGH PATCH This Week

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Perl Fedora Leap +12
NVD GitHub
CVSS 3.1
8.2
EPSS
11.3%
CVE-2019-6958 CRITICAL Act Now

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Access Professional Edition Bosch Video Client Bosch Video Management System Building Integration System +7
NVD
CVSS 3.1
9.1
EPSS
1.5%
CVE-2019-6957 CRITICAL Act Now

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Access Professional Edition Bosch Video Client Bosch Video Management System +10
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2017-5645 Maven CRITICAL POC PATCH THREAT Act Now

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 94.0%.

Deserialization Apache RCE Log4J Oncommand Api Services +77
NVD
CVSS 3.1
9.8
EPSS
94.0%
Threat
6.3
CVE-2016-2381 HIGH Act Now

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 27.4% and no vendor patch available.

Authentication Bypass Perl Debian Linux Communications Billing And Revenue Management Configuration Manager +6
NVD
CVSS 3.1
7.5
EPSS
27.4%
EPSS 0% CVSS 4.7
MEDIUM This Month

Configuration Manager versions up to 11.0.4-00 is affected by insertion of sensitive information into log file (CVSS 4.7).

Information Disclosure Configuration Manager Ops Center Api Configuration Manager
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

Configuration Manager versions up to 11.0.5-00 is affected by insertion of sensitive information into log file (CVSS 5.2).

Information Disclosure Ops Center Api Configuration Manager Device Manager +1
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Building Integration System Video Engine Bosch Video Management System +12
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Configuration Manager
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Vulnerability in the Oracle Configuration Manager product of Oracle Enterprise Manager (component: Discovery and collection script). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Configuration Manager
NVD
EPSS 6% CVSS 7.5
HIGH PATCH This Week

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Perl Oncommand Workflow Automation +14
NVD GitHub
EPSS 5% CVSS 8.6
HIGH PATCH This Week

Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Perl +16
NVD GitHub
EPSS 11% CVSS 8.2
HIGH PATCH This Week

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Perl +14
NVD GitHub
EPSS 2% CVSS 9.1
CRITICAL Act Now

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Access Professional Edition Bosch Video Client +9
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Access Professional Edition +12
NVD
EPSS 94% 6.3 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 94.0%.

Deserialization Apache RCE +79
NVD
EPSS 27% CVSS 7.5
HIGH Act Now

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 27.4% and no vendor patch available.

Authentication Bypass Perl Debian Linux +8
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy