19 matches found
HCL AppScan Source <= 10.6 Improper Certificate Validation (CVE-2024-30149)
The version of HCL AppScan Source installed on the remote Windows host is 10.6.0 or earlier. It is, therefore, affected by an improper certificate validation vulnerability. HCL AppScan Source does not properly validate a TLS/SSL certificate for an executable, which could allow an attacker to...
EUVD-2019-7005
Malware in sbrugna...
EUVD-2024-28085
Malicious code in bioql PyPI...
CVE-2019-16188
HCL AppScan Source before 9.03.13 is susceptible to XML External Entity XXE attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppScan Source, the conte...
CVE-2024-30149
HCL AppScan Source = 10.6.0 does not properly validate a TLS/SSL certificate for an executable...
CVE-2024-30149
HCL AppScan Source = 10.6.0 does not properly validate a TLS/SSL certificate for an executable...
CVE-2024-30149
CVE-2024-30149 affects HCL AppScan Source versions 10.6.0 and earlier, with a root cause of improper validation of a TLS/SSL certificate for an executable. Public sources consistently state the issue in the AppScan Source
CVE-2024-30149 HCL AppScan Source is affected by an expired TLS/SSL certificate
HCL AppScan Source = 10.6.0 does not properly validate a TLS/SSL certificate for an executable...
CVE-2024-30149 HCL AppScan Source is affected by an expired TLS/SSL certificate
HCL AppScan Source = 10.6.0 does not properly validate a TLS/SSL certificate for an executable...
PT-2024-23213 · Hcl · Hcl Appscan Source
Name of the Vulnerable Software and Affected Versions: HCL AppScan Source versions 10.6.0 and below Description: The issue is related to improper validation of a TLS/SSL certificate for an executable. This could potentially lead to security risks if exploited. Recommendations: For HCL AppScan...
CVE-2019-4388
HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting XSS attacks by allowing users to embed arbitrary JavaScript code in the Web UI...
CVE-2019-4388
HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting XSS attacks by allowing users to embed arbitrary JavaScript code in the Web UI...
Cross site scripting
HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting XSS attacks by allowing users to embed arbitrary JavaScript code in the Web UI...
HCL AppScan Source Code Issue Vulnerability
HCL AppScan Source is a suite of dynamic analysis and testing tools from HCL India, which is mainly used for web security testing. A code issue vulnerability exists in HCL AppScan Source versions prior to 9.03.13. The vulnerability stems from an improperly designed or implemented code development...
CVE-2019-16188
HCL AppScan Source before 9.03.13 is susceptible to XML External Entity XXE attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppScan Source, the conte...
CVE-2019-16188
HCL AppScan Source before 9.03.13 is susceptible to XML External Entity XXE attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppScan Source, the conte...
Xxe
HCL AppScan Source before 9.03.13 is susceptible to XML External Entity XXE attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppScan Source, the conte...
CVE-2019-16188
The CVE-2019-16188 issue affects HCL AppScan Source prior to version 9.03.13. It allows XML External Entity (XXE) attacks via a specially crafted .ozasmt file, where, if the victim opens/imports it, the attacker can read local files accessible to the victim and exfiltrate content to a remote list...
CVE-2019-16188
HCL AppScan Source before 9.03.13 is susceptible to XML External Entity XXE attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppScan Source, the conte...