CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2017-9393
https://notcve.org/view.php?id=CVE-2017-9393
CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search. CA Identity Manager de la versión r12.6 a la r12.6 SP8, 14.0 y 14.1 permite que los atacantes remotos identifiquen contraseñas de cuentas bloqueadas mediante una búsqueda exhaustiva. • http://www.securityfocus.com/bid/100956 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20170921-01--security-notice-for-ca-identity-manager.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 4%CPEs: 49EXPL: 0CVE-2005-3653
https://notcve.org/view.php?id=CVE-2005-3653
Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. • http://marc.info/?l=full-disclosure&m=113803349715927&w=2 http://secunia.com/advisories/18591 http://securityreason.com/securityalert/380 http://securitytracker.com/id?1015526 http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376 http://www.osvdb.org/22688 http://www.securityfocus.com/archive/1/423288/100/0/threaded http://www.securityfocus.com/archive/1/423403/100/0/threaded http:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •