CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

47 matches found

RedhatCVE•added 2025/05/22 4:24 a.m.•9 views

CVE-2019-12180

An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When opening a project, the Groovy "Load Script" is automatically executed. This allows an attacker to execute arbitrary Groovy Language code Java scripting language on the victim machine by inducing it ...

9.3CVSS7AI score0.08637EPSS

Exploits2References1

Github Security Blog•added 2022/05/24 5:27 p.m.•30 views

Passwords transmitted in plain text by Jenkins ReadyAPI Functional Testing Plugin

ReadyAPI Functional Testing Plugin stores project passwords in job config.xml files on the Jenkins controller as part of its configuration. While these passwords are stored encrypted on disk since ReadyAPI Functional Testing Plugin 1.4, they are transmitted in plain text as part of the global...

4.3CVSS5.1AI score0.00042EPSS

Exploits0References4Affected Software1

Github Security Blog•added 2022/05/24 5:27 p.m.•20 views

Passwords stored in plain text by Jenkins ReadyAPI Functional Testing Plugin

ReadyAPI Functional Testing Plugin 1.3 and earlier stores project passwords unencrypted in job config.xml files as part of its configuration. These project passwords can be viewed by attackers with Extended Read permission or access to the Jenkins controller file system. ReadyAPI Functional Testi...

6.5CVSS6.1AI score0.00226EPSS

Exploits0References4Affected Software1

OSV•added 2022/05/24 5:27 p.m.•21 views

GHSA-Q4QQ-8Q2R-G2F2 Passwords transmitted in plain text by Jenkins ReadyAPI Functional Testing Plugin

4.3CVSS4.6AI score0.00042EPSS

Exploits0References4

OSV•added 2022/05/24 5:27 p.m.•22 views

GHSA-CCWP-633J-G29V Passwords stored in plain text by Jenkins ReadyAPI Functional Testing Plugin

4.3CVSS6.4AI score0.00226EPSS

Exploits0References4

Positive Technologies•added 2020/09/01 12:0 a.m.•2 views

PT-2020-15475 · Smartbear +2 · Readyapi Functional Testing Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins SoapUI Pro Functional Testing Plugin versions 1.5 and earlier ReadyAPI Functional Testing Plugin versions 1.5 and earlier Jenkins versions prior to 2.236, including 2.235.x LTS Description: The issue concerns the transmission of proje...

4.3CVSS4.7AI score0.00042EPSS

Exploits0References9

CNVD•added 2020/05/21 12:0 a.m.•3 views

SmartBear Software ReadyAPI Injection Vulnerability

SmartBear Software ReadyAPI is an API testing platform from SmartBear Software, USA. The platform provides security testing Secure Pro, functional testing SoapUI Pro, performance testing LoadUI Pro, service virtualization ServiceV Pro, as well as generating test reports and other functions...

9.8CVSS7AI score0.05031EPSS

Exploits3References1

NVD•added 2020/05/20 1:15 p.m.•8 views

CVE-2020-12835

An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to unsafe use of an Java RMI based protocol in an unsafe configuration, an attacker can inject malicious serialized objects into the communication, resulting in remote code execution in the context of a client-side Network...

9.8CVSS9.7AI score0.05031EPSS

Exploits3References4

OSV•added 2020/05/20 1:15 p.m.•2 views

CVE-2020-12835

9.8CVSS7.8AI score

Exploits0References4

Prion•added 2020/05/20 1:15 p.m.•12 views

Remote code execution

7.5CVSS9.6AI score0.05031EPSS

Exploits3References4Affected Software1

CVE•added 2020/05/20 1:1 p.m.•78 views

CVE-2020-12835

Affected software: SmartBear ReadyAPI SoapUI Pro 3.2.5 (and related jProductivity Protection! licensing components). Issue: unsafe deserialization via a Java RMI-based protocol in an unsafe configuration that allows an attacker to inject malicious serialized objects, leading to remote code execut...

9.8CVSS9.7AI score0.05031EPSS

Exploits3References4Affected Software1

Cvelist•added 2020/05/20 1:1 p.m.•14 views

CVE-2020-12835

9.8AI score0.05031EPSS

Exploits3References4

NVD•added 2020/02/05 5:15 p.m.•9 views

CVE-2019-12180

9.3CVSS7.5AI score0.08637EPSS

Exploits2References1

OSV•added 2020/02/05 5:15 p.m.•1 views

CVE-2019-12180

7.8CVSS7.4AI score0.08637EPSS

Exploits2References1

Prion•added 2020/02/05 5:15 p.m.•17 views

Design/Logic Flaw

9.3CVSS7.5AI score0.08637EPSS

Exploits2References1Affected Software2

Cvelist•added 2020/02/05 4:6 p.m.•14 views

CVE-2019-12180

7.5AI score0.08637EPSS

Exploits2References1

CVE•added 2020/02/05 4:6 p.m.•56 views

CVE-2019-12180

CVE-2019-12180 affects SmartBear ReadyAPI (up to 2.8.2 and 3.0.0) and SoapUI (up to 5.5). The Groovy Load Script (triggered on project open) and Save Script (on save) may execute arbitrary Groovy code on the victim’s machine via a malicious project, enabling code execution. The Red Hat/Redirectio...

9.3CVSS7.4AI score0.08637EPSS

Exploits2References1Affected Software2

GithubExploit•added 2020/01/20 5:33 p.m.•106 views

Exploit for CVE-2019-12180

CVE-2019-12180 Advisory & PoC SoapUI and ReadyAPI allow you t...

9.3CVSS8AI score0.08637EPSS

Exploits2

Packet Storm•added 2019/05/06 12:0 a.m.•63 views

ReadyAPI 2.5.0 / 2.6.0 Remote Code Execution

https://twitter.com/gscamelo Vendor Homepage: https://smartbear.com/product/ready-api Software Link: https://smartbear.com/product/ready-api/overview/ Github: https://github.com/gscamelo/CVE-2018-20580 Version: 2.5.0 and 2.6.0 Tested on: Windows CVE : CVE-2018-20580 I found a new vulnerability in...

9.3CVSS8.9AI score0.29749EPSS

Exploits5

0day.today•added 2019/05/06 12:0 a.m.•56 views

ReadyAPI 2.5.0 / 2.6.0 - Remote Code Execution Exploit

Exploit for multiple platform in category web applications https://twitter.com/gscamelo Vendor Homepage: https://smartbear.com/product/ready-api Software Link: https://smartbear.com/product/ready-api/overview/ Github: https://github.com/gscamelo/CVE-2018-20580 Version: 2.5.0 and 2.6.0 Tested on:...

9.3CVSS8.9AI score0.29749EPSS

Exploits5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by