CVE-2021-22498
XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited to allow an XML...
EUVD-2011-4752
Malware in sbrugna...
EUVD-2013-4681
Malware in sbrugna...
EUVD-2014-2663
Malware in sbrugna...
EUVD-2013-4647
Malware in sbrugna...
EUVD-2013-4679
Malware in sbrugna...
EUVD-2024-2823
Malicious code in bioql PyPI...
EUVD-2021-9644
Malicious code in bioql PyPI...
CVE-2024-47060
Zitadel is an open source identity management platform. In Zitadel, even after an organization is deactivated, associated projects, respectively their applications remain active. Users across other organizations can still log in and access through these applications, leading to unauthorized acces...
CVE-2013-4834
Unspecified vulnerability in the client component in HP Application LifeCycle Management (ALM) before 11 p11 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1327...
CVE-2013-4836
Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759...
CVE-2023-32266
Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM), Quality Center allows Code Inclusion. The vulnerability allows a user to archive a malicious DLL on the system prior to the installation. This issue affects Application Lifecycle Management (ALM), Quality Center:...
CVE-2023-32266
CVE-2023-32266 concerns an Untrusted Search Path vulnerability in OpenText ALM/Quality Center. Reports indicate a code inclusion flaw that lets a user archive a malicious DLL on the system before installation, affecting ALM/Quality Center versions 15.00, 15.01 (including P1–P5), 15.51 (i...
CVE-2023-32266 Code injection vulnerability found in OpenText Application Lifecycle Management (ALM), Quality Center.
Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM), Quality Center allows Code Inclusion. The vulnerability allows a user to archive a malicious DLL on the system prior to the installation. This issue affects Application Lifecycle Management (ALM), Quality Center:...
OpenText Application Lifecycle Management Code Issue Vulnerability
OpenText Application Lifecycle Management (OpenText ALM) is an application lifecycle management product from OpenText Canada. A code issue vulnerability exists in OpenText Application Lifecycle Management that originates from a code inclusion that allows a user to archive a malicious DLL into the system...
Unauthorized Access
Zitadel is vulnerable to Unauthorized Access. The vulnerability is due to the improper decoupling of the application lifecycle from the organization's lifecycle. Specifically, when an organization is deactivated in Zitadel, its associated applications remain active, allowing users from other...
CVE-2024-47060
Zitadel contains a vulnerability (CVE-2024-47060) where deactivating an organization or project does not automatically revoke access to its applications. Multiple connected sources describe that even after deactivation, associated projects/applications remain active, allowing users from other org...
CVE-2024-47060 Unauthorized Access After Organization or Project Deactivation in Zitadel
Zitadel is an open source identity management platform. In Zitadel, even after an organization is deactivated, associated projects, respectively their applications remain active. Users across other organizations can still log in and access through these applications, leading to unauthorized acces...
GHSA-JJ94-6F5C-65R8 ZITADEL Allows Unauthorized Access After Organization or Project Deactivation
Summary In Zitadel, even after an organization is deactivated, associated projects, respectively their applications remain active. Users across other organizations can still log in and access through these applications, leading to unauthorized access. Additionally, if a project was deactivated...