Sztivi

**Name of the Vulnerable Software and Affected Versions** HPE Intelligent Management Center PLAT version 7.3 E0504P04 **Description** The issue is related to a lack of input validation in the dbman service of the HPE Intelligent Management Center PLAT platform. This can be exploited by a remote attacker to execute arbitrary code. **Recommendations** For HPE Intelligent Management Center PLAT version 7.3 E0504P04, consider restricting access to the dbman service until a patch is available. As a temporary workaround, avoid using the `Opcode 10007` command in the dbman service to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 **Description** A Remote Code Execution issue in HPE Intelligent Management Center (iMC) PLAT is related to the lack of input data sanitization in the dbman service. This allows a remote attacker to execute arbitrary code. **Recommendations** For HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dell NetVault Backup versions prior to 10.0.5 **Description** The issue is related to an integer overflow in the libnv6 module, which can cause a heap-based buffer overflow. This can be triggered by a specially crafted template string, allowing a remote attacker to execute arbitrary code. **Recommendations** For versions prior to 10.0.5, update to version 10.0.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the libnv6 module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Novell ZENworks Configuration Management (ZCM) (affected versions not specified) **Description** The issue is caused by a stack-based buffer overflow in the logging functionality of the Preboot Policy service. This allows remote attackers to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.