Lucene search
K

59 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-32460

Malicious code in bioql PyPI...

7.5CVSS5.9AI score0.0059EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-49084

Malicious code in bioql PyPI...

6.1CVSS5.5AI score0.00375EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-55058

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00148EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-21266

Malicious code in bioql PyPI...

9.8CVSS7.9AI score0.00589EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-31363

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00423EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-31311

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00733EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/06/10 12:0 a.m.7 views

The vulnerability of the file loading function in the Polarion ALM application lifecycle management tool allows attackers to carry out XSS attacks.

The vulnerability of the file loading function in the Polarion ALM application lifecycle management tool is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remotely...

6.5CVSS5.4AI score0.00268EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/10 12:0 a.m.5 views

The vulnerability of the DOCX import function in the Polarion ALM software for application lifecycle management allows a hacker to read arbitrary files.

The vulnerability of the DOCX import function in the Polarion ALM application lifecycle management software is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a malicious actor to read arbitrary files remotely...

6.8CVSS5.5AI score0.00448EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 8:43 a.m.6 views

CVE-2024-33647

A vulnerability has been identified in Polarion ALM All versions V2404.0. The Apache Lucene based query engine in the affected application lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects...

6.5CVSS6.7AI score0.00423EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.8 views

CVE-2023-28828

A vulnerability has been identified in Polarion ALM All versions V22R2. The application contains a XML External Entity Injection XXE vulnerability. This could allow an attacker to view files on the application server filesystem...

7.5CVSS6.9AI score0.0059EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:14 a.m.11 views

CVE-2022-46265

A vulnerability has been identified in Polarion ALM All versions V2304.0. The affected application contains a Host header injection vulnerability that could allow an attacker to spoof a Host header information and redirect users to malicious websites...

6.1CVSS6.6AI score0.00375EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:30 a.m.9 views

CVE-2024-23813

A vulnerability has been identified in Polarion ALM All versions V2404.0. The REST API endpoints of doorsconnector of the affected product lacks proper authentication. An unauthenticated attacker could access the endpoints, and potentially execute code...

9.8CVSS7AI score0.00589EPSS
Exploits0References1
CNVD
CNVD
added 2024/05/16 12:0 a.m.5 views

Siemens Polarion ALM Improper Access Control Vulnerability

Polarion ALM is an application lifecycle management solution that improves the software development process with a single unified solution for requirements, coding, testing and release. Siemens Polarion ALM suffers from an Improper Access Control vulnerability due to a lack of proper access contr...

6.5CVSS6.7AI score0.00423EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 4:17 p.m.21 views

CVE-2024-33647

A vulnerability has been identified in Polarion ALM All versions V2404.0. The Apache Lucene based query engine in the affected application lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects...

6.5CVSS6.2AI score0.00423EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/14 10:3 a.m.20 views

CVE-2024-33647

A vulnerability has been identified in Polarion ALM All versions V2404.0. The Apache Lucene based query engine in the affected application lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects...

6.5CVSS6.4AI score0.00423EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/14 10:3 a.m.15 views

CVE-2024-33647

A vulnerability has been identified in Polarion ALM All versions V2404.0. The Apache Lucene based query engine in the affected application lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects...

6.5CVSS6.5AI score0.00423EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 10:3 a.m.57 views

CVE-2024-33647

CVE-2024-33647 affects Polarion ALM: all versions before V2404.0. The Apache Lucene–based query engine lacks proper access controls, potentially allowing an authenticated user to query items beyond their allowed projects. Public details in connected sources confirm the vulnerability class as impr...

6.5CVSS6.3AI score0.00423EPSS
Exploits0References1
ICS
ICS
added 2024/05/14 12:0 a.m.25 views

Siemens Polarion ALM

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

6.5CVSS6.6AI score0.00423EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2024/03/29 12:0 a.m.13 views

Siemens Polarion ALM Detection

Binary data siemenspolarionalmdetect.nbin...

7.3AI score
Exploits0References1
CNVD
CNVD
added 2024/02/21 12:0 a.m.12 views

Siemens Polarion ALM Faulty Default Privileges Vulnerability

Polarion ALM is an application lifecycle management solution that improves the software development process with a single, unified solution for requirements, coding, testing and release. Siemens Polarion ALM has a false default privilege vulnerability that can be exploited by an attacker to...

7.8CVSS7.8AI score0.00148EPSS
Exploits0References1
Rows per page
Query Builder