CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2017-9393
https://notcve.org/view.php?id=CVE-2017-9393
22 Sep 2017 — CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search. CA Identity Manager de la versión r12.6 a la r12.6 SP8, 14.0 y 14.1 permite que los atacantes remotos identifiquen contraseñas de cuentas bloqueadas mediante una búsqueda exhaustiva. • http://www.securityfocus.com/bid/100956 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 36%CPEs: 49EXPL: 0CVE-2005-3653
https://notcve.org/view.php?id=CVE-2005-3653
31 Dec 2005 — Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. • http://marc.info/?l=full-disclosure&m=113803349715927&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •