CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

82 matches found

CNVD•added 2020/10/21 12:0 a.m.•7 views

Unspecified Vulnerability in HCL AppScan (CNVD-2021-13713)

HCL AppScan is a suite of dynamic analysis testing tools from HCL India. The tool is mainly used for web security testing. A security vulnerability exists in HCL AppScan Enterprise that stems from the use of broken or risky encryption algorithms to store REST API user details. No detailed...

5.3CVSS6.8AI score0.00536EPSS

Exploits0References1

CNVD•added 2020/10/21 12:0 a.m.•5 views

Unspecified Vulnerability in HCL AppScan

HCL AppScan is a suite of dynamic analysis testing tools from HCL India. The tool is mainly used for web security testing. A security vulnerability exists in HCL AppScan Enterprise, which stems from the lack of HTTP Strict-Transport-Security header in the Management section of the Enterprise...

7.5CVSS6.9AI score0.01058EPSS

Exploits0References1

NVD•added 2020/10/06 6:15 p.m.•16 views

CVE-2019-4326

"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."...

7.5CVSS0.01058EPSS

Exploits0References1

OSV•added 2020/10/06 6:15 p.m.•3 views

CVE-2019-4325

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...

5.3CVSS6.1AI score0.00536EPSS

Exploits0References1

NVD•added 2020/10/06 6:15 p.m.•19 views

CVE-2019-4325

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...

5.3CVSS0.00536EPSS

Exploits0References1

Prion•added 2020/10/06 6:15 p.m.•17 views

Design/Logic Flaw

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...

5CVSS5.3AI score0.00536EPSS

Exploits0References1Affected Software1

Prion•added 2020/10/06 6:15 p.m.•12 views

Design/Logic Flaw

"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."...

5CVSS7.6AI score0.01058EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/10/06 5:22 p.m.•15 views

CVE-2019-4326

"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."...

7.7AI score0.01058EPSS

Exploits0References1

Cvelist•added 2020/10/06 5:18 p.m.•25 views

CVE-2019-4325

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...

5.3AI score0.00536EPSS

Exploits0References1

CNVD•added 2020/07/08 12:0 a.m.•8 views

HCL AppScan Cross-Site Scripting Vulnerability

HCL AppScan is a suite of dynamic analysis testing tools from HCL India, which is primarily used for web security testing. A cross-site scripting vulnerability exists in HCL AppScan Enterprise Edition version 10.0.0 and earlier. The vulnerability stems from the lack of proper validation of...

6.1CVSS6.4AI score0.00648EPSS

Exploits0References1

CNVD•added 2020/07/08 12:0 a.m.•9 views

Unspecified Vulnerability in HCL AppScan Enterprise advisory API

HCL AppScan Enterprise is a suite of dynamic analysis and testing tools from HCL India, which is primarily used for web security testing. A security vulnerability exists in the Advisory API documentation in HCL AppScan Enterprise 10.0.0 and earlier versions. The vulnerability can be exploited by ...

4.3CVSS6.8AI score0.0075EPSS

Exploits0References1

OSV•added 2020/07/07 3:15 p.m.•3 views

CVE-2019-4324

"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."...

6.1CVSS6.4AI score0.00648EPSS

Exploits0References2

OSV•added 2020/07/07 3:15 p.m.•5 views

CVE-2019-4323

"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."...

4.3CVSS5.8AI score

Exploits0References2

NVD•added 2020/07/07 3:15 p.m.•18 views

CVE-2019-4323

"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."...

4.3CVSS0.0075EPSS

Exploits0References2

NVD•added 2020/07/07 3:15 p.m.•18 views

CVE-2019-4324

"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."...

6.1CVSS0.00648EPSS

Exploits0References2

Prion•added 2020/07/07 3:15 p.m.•22 views

Spoofing

"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."...

4.3CVSS4.6AI score0.0075EPSS

Exploits0References2Affected Software1

Prion•added 2020/07/07 3:15 p.m.•16 views

Cross site scripting

"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."...

4.3CVSS6AI score0.00648EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/07/07 2:49 p.m.•15 views

CVE-2019-4323

"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."...

4.6AI score0.0075EPSS

Exploits0References2

Cvelist•added 2020/07/07 2:45 p.m.•20 views

CVE-2019-4324

"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."...

6AI score0.00648EPSS

Exploits0References2

NVD•added 2020/04/21 7:15 p.m.•19 views

CVE-2019-4327

"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."...

7.5CVSS7.5AI score0.01015EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by