35 matches found
CVE-2021-22512
Cross-Site Request Forgery CSRF vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow form validation without permission checks...
EUVD-2024-44290
Malicious code in bioql PyPI...
EUVD-2022-4636
Malicious code in bioql PyPI...
EUVD-2024-32765
Malicious code in bioql PyPI...
EUVD-2024-32745
Malicious code in bioql PyPI...
CVE-2024-4692
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText...
CVE-2024-4184
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...
CVE-2024-4189
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...
CVE-2024-4184
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...
CVE-2024-4692
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText...
CVE-2024-4189
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...
CVE-2024-4211
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - ALM job config has been discovered in OpenText Application Automation...
CVE-2024-4211
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - ALM job config has been discovered in OpenText Application Automation...
CVE-2024-4690
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...
CVE-2024-4692
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText...
CVE-2024-4211
CVE-2024-4211 affects OpenText Application Automation Tools (v24.1.0 and below). Root cause: improper validation of input quantity coupled with multiple missing permission checks in ALM job configuration. Impact: users with Overall/Read permission could enumerate ALM server names, usernames and c...
CVE-2024-4189
CVE-2024-4189 affects OpenText Application Automation Tools (version 24.1.0 and earlier). The issue is an XML External Entity (XXE) / DTD Injection caused by an improper restriction on external entities in the tool’s XML parsing, leading to potential compromise of confidentiality, integrity, and ...
CVE-2024-4184 Multiple XXE sinks in ALM archive post-build step in OpenText Application Automation Tools
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...
CVE-2024-4184
OpenText Application Automation Tools plugin for Jenkins (versions 24.1.0 and earlier) is affected by CVE-2024-4184 due to improper restriction of XML external entity references, enabling DTD injection when parsing input files. Impact described as high in CVSS metrics; exploitation status is not ...
PT-2024-29749 · Opentext · Opentext Application Automation Tools
Name of the Vulnerable Software and Affected Versions: OpenText Application Automation Tools versions 24.1.0 and below Description: The issue is related to improper validation of specified quantity in input, allowing exploitation of incorrectly configured access control security levels. Multiple...