| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-71260 | BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 VIEWSTATE Deserialization RCE | BMC Software, Inc. | FootPrints | High | 8.8 | 2026-03-19 13:45:06 | Deep Dive |
| CVE-2025-71259 | BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 Blind SSRF in externalfeed/RSS | BMC Software, Inc. | FootPrints | Medium | 4.3 | 2026-03-19 13:44:39 | Deep Dive |
| CVE-2025-71258 | BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 Blind SSRF in searchWeb | BMC Software, Inc. | FootPrints | Medium | 4.3 | 2026-03-19 13:44:10 | Deep Dive |
| CVE-2025-71257 | BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 Authentication Bypass | BMC Software, Inc. | FootPrints | High | 7.3 | 2026-03-19 13:43:38 | Deep Dive |
| CVE-2024-58298 | Compuware iStrobe Web 20.13 Pre-Auth Remote Code Execution via File Upload | BMC Software | Compuware iStrobe Web | - | - | 2025-12-11 21:39:08 | Deep Dive |
| CVE-2025-55108 | BMC Control-M/Agent default configuration does not enforce SSL/TLS allowing unauthorized actions and remote code execution | BMC | Control-M/Agent | Critical | 10.0 | 2025-11-05 09:07:30 | Deep Dive |
| CVE-2025-55118 | BMC Control-M/Agent memory corruption in SSL/TLS communication | BMC | Control-M/Agent | High | 8.9 | 2025-09-16 12:23:40 | Deep Dive |
| CVE-2025-55117 | BMC Control-M/Agent buffer overflow in SSL/TLS communication | BMC | Control-M/Agent | Medium | 5.3 | 2025-09-16 12:22:58 | Deep Dive |
| CVE-2025-55116 | BMC Control-M/Agent buffer overflow local privilege escalation | BMC | Control-M/Agent | High | 8.8 | 2025-09-16 12:22:24 | Deep Dive |
| CVE-2025-55115 | BMC Control-M/Agent path traversal local privilege escalation | BMC | Control-M/Agent | High | 8.8 | 2025-09-16 12:21:51 | Deep Dive |
| CVE-2025-55114 | BMC Control-M/Agent improper IP address filtering order | BMC | Control-M/Agent | Medium | 5.3 | 2025-09-16 12:20:31 | Deep Dive |
| CVE-2025-55113 | BMC Control-M/Agent unescaped NULL byte in access control list checks | BMC | Control-M/Agent | Critical | 9.0 | 2025-09-16 12:20:04 | Deep Dive |
| CVE-2025-55112 | BMC Control-M/Agent hardcoded Blowfish keys | BMC | Control-M/Agent | High | 7.4 | 2025-09-16 12:19:24 | Deep Dive |
| CVE-2025-55111 | BMC Control-M/Agent insecure default file permissions | BMC | Control-M/Agent | Medium | 5.5 | 2025-09-16 12:18:23 | Deep Dive |
| CVE-2025-55110 | BMC Control-M/Agent hardcoded default keystore password | BMC | Control-M/Agent | Medium | 5.5 | 2025-09-16 12:16:58 | Deep Dive |
| CVE-2025-55109 | BMC Control-M/Agent default SSL/TLS configuration authenticated bypass | BMC | Control-M/Agent | Critical | 9.0 | 2025-09-16 12:14:36 | Deep Dive |
| CVE-2025-48709 | BMC Control-M/Server cleartext database credentials in process lists and logs | BMC | Control-M/Server | Low | 3.8 | 2025-08-07 00:00:00 | Deep Dive |
| CVE-2021-35002 | BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability | BMC | Track-It! | 高危 | - | 2024-05-07 22:54:54 | Deep Dive |
| CVE-2021-35001 | BMC Track-It! GetData Missing Authorization Information Disclosure Vulnerability | BMC | Track-It! | 低危 | - | 2024-05-07 22:54:53 | Deep Dive |
| CVE-2024-1606 | HTML injection in BMC Control-M | BMC | Control-M | Medium | 4.6 | 2024-03-18 10:00:05 | Deep Dive |