Configuration manager

This hub aggregates every CVE we track for Configuration manager, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 13 most recently published vulnerabilities affecting Configuration manager.

• CVE-2025-0976Information Exposure Vulnerability in Hitachi Configuration Manager, Hitachi Ops Center API Configuration Manager4.7Feb 25, 2026
• CVE-2025-5781Information Exposure Vulnerability in Hitachi Configuration Manager, Hitachi Ops Center API Configuration Manager5.2Feb 25, 2026
• CVE-2023-35867An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit th...5.9Dec 18, 2023
• CVE-2022-35415An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access.7.8Sep 16, 2022
• CVE-2020-6788Uncontrolled Search Path Element in Bosch Configuration Manager Installer7.8Mar 25, 2021
• CVE-2020-2984Vulnerability in the Oracle Configuration Manager product of Oracle Enterprise Manager (component: Discovery and collection script). The supported version that is affected is 12.1.2.0.6. Easily exp...7.1Jul 15, 2020
• CVE-2020-12723regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.7.5Jun 5, 2020
• CVE-2020-10878Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of ...8.6Jun 5, 2020
• CVE-2020-10543Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.8.2Jun 5, 2020
• CVE-2019-6957Buffer Overflow for Bosch Video Systems, PSIM and Access Control Systems9.8May 29, 2019
• CVE-2019-6958Improper Access Control for Bosch Video Systems, PSIM and Access Control Systems9.1May 29, 2019
• CVE-2017-5645In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent tha...9.8Apr 17, 2017
• CVE-2016-2381Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.7.5Apr 8, 2016