Vulnerabilities > Numara
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-10-26 | CVE-2015-5448 | Information Exposure vulnerability in Numara Asset Manager 9.40/9.41 HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows local users to obtain sensitive information via unspecified vectors. | 2.1 |
| 2008-03-08 | CVE-2008-1214 | Code Injection vulnerability in Numara Footprints 8.1 MRcgi/MRProcessIncomingForms.pl in Numara FootPrints 8.1 on Linux allows remote attackers to execute arbitrary code via shell metacharacters in the PROJECTNUM parameter. | 7.5 |
| 2008-03-08 | CVE-2008-1213 | Cross-Site Scripting vulnerability in Numara Footprints 8.1 Cross-site scripting (XSS) vulnerability in Numara FootPrints for Linux 8.1 allows remote attackers to inject arbitrary web script or HTML via the Title form field when setting an appointment. | 4.3 |
| 2007-07-23 | CVE-2007-2950 | Local Privilege Escalation vulnerability in Discovery and Asset Manager Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara Asset Manager 8.0 and (2) Symantec Discovery 6.5, uses insecure permissions on certain directories, which allows local users to gain privileges. | 7.2 |
| 2007-06-06 | CVE-2007-2514 | Remote Buffer Overflow vulnerability in Multiple Vendor XFERWAN.EXE Filename Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. | 9.3 |
| 2007-05-16 | CVE-2007-1173 | Remote Buffer Overflow vulnerability in Multiple Vendor XFERWAN.EXE Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet. | 10.0 |