Hp Version Control Repository Manager vulnerabilities

CVE-2016-8515 [HIGH] CWE-434 CVE-2016-8515: A remote malicious file upload vulnerability in HPE Version Control Repository Manager (VCRM) was fo A remote malicious file upload vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.

CVE-2016-8513 [HIGH] CWE-352 CVE-2016-8513: A Cross-Site Request Forgery (CSRF) vulnerability in HPE Version Control Repository Manager (VCRM) w A Cross-Site Request Forgery (CSRF) vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.

CVE-2017-5787 [MEDIUM] CVE-2017-5787: A remote denial of service vulnerability in HPE Version Control Repository Manager (VCRM) in all ver A remote denial of service vulnerability in HPE Version Control Repository Manager (VCRM) in all versions prior to 7.6 was found.

CVE-2016-8514 [MEDIUM] CWE-200 CVE-2016-8514: A remote information disclosure in HPE Version Control Repository Manager (VCRM) was found. The prob A remote information disclosure in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.

CVE-2015-8651 [HIGH] CWE-190 CVE-2015-8651: Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Wind Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.

CVE-2015-5409 [HIGH] CWE-119 CVE-2015-5409: Buffer overflow in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authentic Buffer overflow in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors.

CVE-2015-5413 [MEDIUM] CWE-264 CVE-2015-5413: HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain privileges and obtain sensitive information via unspecified vectors.

CVE-2015-5410 [MEDIUM] CVE-2015-5410: HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to execu HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to execute arbitrary code or cause a denial of service via unspecified vectors.

CVE-2015-5411 [MEDIUM] CWE-200 CVE-2015-5411: HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtai HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtain sensitive information via unspecified vectors.

CVE-2015-5412 [MEDIUM] CWE-352 CVE-2015-5412: Cross-site request forgery (CSRF) vulnerability in HP Version Control Repository Manager (VCRM) befo Cross-site request forgery (CSRF) vulnerability in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

CVE-2015-3113 [CRITICAL] CWE-787 CVE-2015-3113: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0 Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.

CVE-2010-3994 [MEDIUM] CWE-79 CVE-2010-3994: Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2005-2076 [LOW] CVE-2005-2076: HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" chara HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen.