59 matches found
EUVD-2023-32460
Malicious code in bioql PyPI...
EUVD-2022-49084
Malicious code in bioql PyPI...
EUVD-2023-55058
Malicious code in bioql PyPI...
EUVD-2024-21266
Malicious code in bioql PyPI...
EUVD-2024-31363
Malicious code in bioql PyPI...
EUVD-2021-31311
Malicious code in bioql PyPI...
The vulnerability of the file loading function in the Polarion ALM application lifecycle management tool allows attackers to carry out XSS attacks.
The vulnerability of the file loading function in the Polarion ALM application lifecycle management tool is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remotely...
The vulnerability of the DOCX import function in the Polarion ALM software for application lifecycle management allows a hacker to read arbitrary files.
The vulnerability of the DOCX import function in the Polarion ALM application lifecycle management software is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a malicious actor to read arbitrary files remotely...
CVE-2024-33647
A vulnerability has been identified in Polarion ALM All versions V2404.0. The Apache Lucene based query engine in the affected application lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects...
CVE-2023-28828
A vulnerability has been identified in Polarion ALM All versions V22R2. The application contains a XML External Entity Injection XXE vulnerability. This could allow an attacker to view files on the application server filesystem...
CVE-2022-46265
A vulnerability has been identified in Polarion ALM All versions V2304.0. The affected application contains a Host header injection vulnerability that could allow an attacker to spoof a Host header information and redirect users to malicious websites...
CVE-2024-23813
A vulnerability has been identified in Polarion ALM All versions V2404.0. The REST API endpoints of doorsconnector of the affected product lacks proper authentication. An unauthenticated attacker could access the endpoints, and potentially execute code...
Siemens Polarion ALM Improper Access Control Vulnerability
Polarion ALM is an application lifecycle management solution that improves the software development process with a single unified solution for requirements, coding, testing and release. Siemens Polarion ALM suffers from an Improper Access Control vulnerability due to a lack of proper access contr...
CVE-2024-33647
A vulnerability has been identified in Polarion ALM All versions V2404.0. The Apache Lucene based query engine in the affected application lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects...
CVE-2024-33647
A vulnerability has been identified in Polarion ALM All versions V2404.0. The Apache Lucene based query engine in the affected application lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects...
CVE-2024-33647
A vulnerability has been identified in Polarion ALM All versions V2404.0. The Apache Lucene based query engine in the affected application lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects...
CVE-2024-33647
CVE-2024-33647 affects Polarion ALM: all versions before V2404.0. The Apache Lucene–based query engine lacks proper access controls, potentially allowing an authenticated user to query items beyond their allowed projects. Public details in connected sources confirm the vulnerability class as impr...
Siemens Polarion ALM
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens Polarion ALM Detection
Binary data siemenspolarionalmdetect.nbin...
Siemens Polarion ALM Faulty Default Privileges Vulnerability
Polarion ALM is an application lifecycle management solution that improves the software development process with a single, unified solution for requirements, coding, testing and release. Siemens Polarion ALM has a false default privilege vulnerability that can be exploited by an attacker to...