Bmc Security Vulnerabilities (CVEs)
Track 16 security vulnerabilities affecting Bmc products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A stack-based buffer overflow vulnerability in Control-M/Agent allows remote attackers to potentially execute arbitrary code or crash the service when...
Sep 16, 2025A path traversal vulnerability in Control-M/Agent allows local attackers to escalate privileges on systems running affected versions. This impacts use...
Sep 16, 2025This vulnerability allows attackers to bypass Access Control Lists in Control-M/Agent by using specially crafted client certificates with NULL bytes i...
Sep 16, 2025CVE-2025-55112 allows attackers to decrypt network traffic between Control-M/Agent and Server when Blowfish encryption is configured, due to a hardcod...
Sep 16, 2025This vulnerability allows local attackers to access sensitive SSL keys, passwords, and policy files due to overly permissive file permissions in Contr...
Sep 16, 2025An authentication bypass vulnerability in Control-M/Agent allows remote attackers to authenticate using expired demo or third-party certificates inste...
Sep 16, 2025CVE-2024-34398 is a stored HTML injection vulnerability in BMC Remedy Mid Tier 7.6.04 that allows authenticated attackers to inject malicious HTML con...
Mar 12, 2025CVE-2024-34399 is a critical authentication bypass vulnerability in BMC Remedy Mid Tier 7.6.04 that allows unauthenticated remote attackers to access ...
Sep 18, 2024This vulnerability in BMC Track-It! allows authenticated attackers to access sensitive information through the GetData endpoint due to missing authori...
May 7, 2024This vulnerability allows authenticated remote attackers to upload malicious files through email attachments in BMC Track-It!, leading to remote code ...
May 7, 2024CVE-2017-9453 is an authentication bypass vulnerability in BMC Server Automation that allows attackers to execute arbitrary commands through the Proce...
Sep 5, 2023BMC Patrol agents through version 23.1.00 allow remote attackers to modify configuration without authentication by default, enabling remote code execu...
May 31, 2023This SQL injection vulnerability in BMC Control-M allows attackers to execute arbitrary SQL commands via the memname JSON field. Attackers could poten...
Feb 25, 2023CVE-2022-24047 is an authentication bypass vulnerability in BMC Track-It! that allows remote attackers to access protected functionality without crede...
Feb 18, 2022CVE-2017-17674 is a remote/local file inclusion vulnerability in BMC Remedy Mid Tier that allows attackers to read arbitrary files and make unauthoriz...
May 19, 2021CVE-2017-17677 allows authenticated users with report creation privileges in BMC Remedy to execute arbitrary code through BIRT templates. This affects...
May 19, 2021Why Monitor Bmc Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 16+ known vulnerabilities affecting Bmc products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Bmc packages in under 60 seconds. No agents required - completely agentless scanning that works across Bmc deployments.
Free vulnerability database: Access detailed information about every Bmc CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Bmc CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
