
82 matches found

RedhatCVE
added 2025/05/22 5:16 a.m. · 12 views

CVE-2019-4391

HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data...

CVSS 8.2 · AI score 7.3 · EPSS 0.01231
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 5:15 a.m. · 10 views

CVE-2019-4326

"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."...

CVSS 7.5 · AI score 7.1 · EPSS 0.01071
Exploits: 0 · References: 1
RedhatCVE
added 2025/03/15 6:10 p.m. · 9 views

CVE-2024-30143

HCL AppScan Traffic Recorder fails to adequately neutralize special characters within the filename, potentially allowing it to resolve to a location beyond the restricted directory. Potential exploits can completely disrupt or take over the application or the computer where the application is...

CVSS 4.3 · AI score 6.8 · EPSS 0.00357
Exploits: 0 · References: 4
NVD
added 2025/03/13 6:15 p.m. · 12 views

CVE-2024-30143

HCL AppScan Traffic Recorder fails to adequately neutralize special characters within the filename, potentially allowing it to resolve to a location beyond the restricted directory. Potential exploits can completely disrupt or take over the application or the computer where the application is...

CVSS 4.3 · EPSS 0.00357
Exploits: 0 · References: 2
Vulnrichment
added 2025/03/13 5:34 p.m. · 8 views

CVE-2024-30143 A path traversal vulnerability in HCL AppScan Traffic Recorder

HCL AppScan Traffic Recorder fails to adequately neutralize special characters within the filename, potentially allowing it to resolve to a location beyond the restricted directory. Potential exploits can completely disrupt or take over the application or the computer where the application is...

CVSS 4.3 · AI score 4.6 · EPSS 0.00357
Exploits: 0 · References: 2
CVE
added 2025/03/13 5:34 p.m. · 45 views

CVE-2024-30143

CVE-2024-30143 describes a path traversal vulnerability in the HCL AppScan Traffic Recorder. The root cause is failure to adequately neutralize special characters in filenames, which could allow resolution beyond restricted directories and potentially enable disruption or takeover of the applicat...

CVSS 4.3 · AI score 4.6 · EPSS 0.00357
Exploits: 0 · References: 2
Cvelist
added 2025/03/13 5:34 p.m. · 18 views

CVE-2024-30143 A path traversal vulnerability in HCL AppScan Traffic Recorder

HCL AppScan Traffic Recorder fails to adequately neutralize special characters within the filename, potentially allowing it to resolve to a location beyond the restricted directory. Potential exploits can completely disrupt or take over the application or the computer where the application is...

CVSS 4.3 · EPSS 0.00357
Exploits: 0 · References: 2
OSV
added 2024/10/31 9:15 a.m. · 4 views

CVE-2024-30149

HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable...

CVSS 6.5 · AI score 5.8 · EPSS 0.00167
Exploits: 0 · References: 1
NVD
added 2024/10/31 9:15 a.m. · 12 views

CVE-2024-30149

HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable...

CVSS 6.5 · EPSS 0.00167
Exploits: 0 · References: 1
Vulnrichment
added 2024/10/31 8:25 a.m. · 11 views

CVE-2024-30149 HCL AppScan Source is affected by an expired TLS/SSL certificate

HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable...

CVSS 4.8 · AI score 7 · EPSS 0.00167
Exploits: 0 · References: 1
Cvelist
added 2024/10/31 8:25 a.m. · 18 views

CVE-2024-30149 HCL AppScan Source is affected by an expired TLS/SSL certificate

HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable...

CVSS 4.8 · EPSS 0.00167
Exploits: 0 · References: 1
CVE
added 2024/10/31 8:25 a.m. · 61 views

CVE-2024-30149

CVE-2024-30149 affects HCL AppScan Source versions 10.6.0 and earlier, with a root cause of improper validation of a TLS/SSL certificate for an executable. Public sources consistently state the issue in the AppScan Source

CVSS 6.5 · AI score 5.2 · EPSS 0.00167
Exploits: 0 · References: 1 · Affected Software: 1
CNNVD
added 2024/10/31 12:0 a.m. · 5 views

HCL AppScan security vulnerability

HCL AppScan is a suite of dynamic analysis testing tools from HCL Corporation, USA, which is primarily used for Web security testing. A security vulnerability exists in HCL AppScan version 10.6.0 and prior versions that stems from not properly validating the TLS/SSL certificate of an executable...

CVSS 4.8 · AI score 6.7 · EPSS 0.00167
Exploits: 0 · References: 1
Positive Technologies
added 2024/10/31 12:0 a.m. · 5 views

PT-2024-23213 · Hcl · Hcl Appscan Source

Name of the Vulnerable Software and Affected Versions: HCL AppScan Source versions 10.6.0 and below Description: The issue is related to improper validation of a TLS/SSL certificate for an executable. This could potentially lead to security risks if exploited. Recommendations: For HCL AppScan...

CVSS 4.8 · AI score 6.9 · EPSS 0.00167
Exploits: 0 · References: 5
OSV
added 2023/10/17 3:15 p.m. · 5 views

CVE-2023-37537

An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges...

CVSS 7.8 · AI score 5.8 · EPSS 0.00169
Exploits: 0 · References: 1
NVD
added 2023/10/17 3:15 p.m. · 17 views

CVE-2023-37537

An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges...

CVSS 7.8 · AI score 7.7 · EPSS 0.00169
Exploits: 0 · References: 1
Prion
added 2023/10/17 3:15 p.m. · 22 views

Design/Logic Flaw

An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges...

CVSS 4.3 · AI score 7.6 · EPSS 0.00169
Exploits: 0 · References: 1 · Affected Software: 1
Vulnrichment
added 2023/10/17 2:58 p.m. · 11 views

CVE-2023-37537 HCL AppScan Presence deployed as Windows service might be vulnerable to an Unquoted Service Path vulnerability

An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges...

CVSS 7.8 · AI score 6.8 · EPSS 0.00169
Exploits: 0 · References: 1
CVE
added 2023/10/17 2:58 p.m. · 67 views

CVE-2023-37537

CVE-2023-37537 concerns an unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC). The underlying issue is an unquoted service path that can be abused by a local attacker to gain elevated privileges. The CVSS metrics shown (LOCAL ...

CVSS 7.8 · AI score 7.6 · EPSS 0.00169
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2023/10/17 2:58 p.m. · 19 views

CVE-2023-37537 HCL AppScan Presence deployed as Windows service might be vulnerable to an Unquoted Service Path vulnerability

An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges...

CVSS 7.8 · AI score 8.4 · EPSS 0.00169
Exploits: 0 · References: 1