40 matches found
Design/Logic Flaw
Jenkins SoapUI Pro Functional Testing Plugin 1.3 and earlier stores project passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file system...
CVE-2020-2251
CVE-2020-2251 affects the Jenkins SoapUI Pro Functional Testing Plugin (versions up to 1.5). The issue, described in multiple sources, is that project passwords are transmitted in plain text as part of job configuration forms within the plugin, creating a potential information disclosure risk. Se...
CVE-2020-2250
CVE-2020-2250 affects Jenkins SoapUI Pro Functional Testing Plugin 1.3 and earlier. The underlying issue is that project passwords are stored unencrypted in job config.xml files on the Jenkins controller, enabling disclosure when an attacker has Extended Read permission or file-system access to t...
Enhanced API Scanning with Postman Support in Qualys WAS
Due to the fast-growing usage of REST APIs, having a way to test them for vulnerabilities in an automated, reliable way is more important than ever. Automated testing of APIs is a little trickier than for web applications. You can't simply enter a starting URL for the scanner and click "Go"...
CVE-2018-6499
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...
Remote code execution
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...
CVE-2018-6499
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...
CVE-2018-6499
CVE-2018-6499 describes a Remote Code Execution vulnerability affecting multiple HPE/Software Group containerized and related suites, including Hybrid Cloud Management, Operations Bridge Containerized Suite, Data Center Automation, Service Management Automation, Service Virtualization (SV), Unifi...
CVE-2018-6499
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...
Multi protocol Test Suite
MTS Multi protocol Test Suite is a multi protocol testing tool specially designed for telecom IP-based architectures. With MTS Multi protocol Test Suite you get the powerful tool to: Test protocols with functional and regression tests Test load endurance and stress tests Simulate all network...
HP Unified Functional Testing ExGrid SaveXML Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Unified Functional Testing. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
HP Unified Functional Testing任意代码执行漏洞
BUGTRAQ ID: 66197 CVECAN ID: CVE-2013-6210 HP Unified Functional Testing是一款自动化软件测试解决方案。 HP Unified Functional Testing 12.0之前版本在实现上存在安全漏洞,这可使远程攻击者利用此漏洞执行任意代码。 0 HP Unified Functional Testing 12.0 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
[security bulletin] HPSBMU02967 rev.2 - HP Unified Functional Testing Running on Windows, Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iNote: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04122007 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04122007 Version: 2 HPSBMU02967 rev...
HP Unified Functional Testing < 12.0 Remote Code Execution (HPSBMU02967)
The remote Windows host has a version of HP Unified Functional Testing prior to 12.0. It is, therefore, affected by an unspecified remote code execution vulnerability. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid73094; scriptversion"1.5"; scriptcvsdate"Date:...
HP Unified Functional Testing远程代码执行漏洞
Bugtraq ID:66197 CVE ID:CVE-2013-6210 HP Unified Functional Testing是一款惠普推出高级现代应用测试解决方案。 HP Unified Functional Testing存在一个未明安全漏洞,允许远程攻击者利用漏洞执行任意代码。 0 HP Unified Functional Testing HP Unified Functional Testing 12.0已经修复该漏洞,建议用户下载更新:...
CVE-2013-6210
Unspecified vulnerability in HP Unified Functional Testing before 12.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1932...
CVE-2013-6210
Unspecified vulnerability in HP Unified Functional Testing before 12.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1932...
CVE-2013-6210
HP Unified Functional Testing (UFT) versions prior to 12.0 are affected by a remote code execution vulnerability (CVE-2013-6210). The root cause is a flaw in the ExGrid SaveXML path that relies on the Exontrol.Grid ActiveX control, where cell contents are not validated before being written to a f...
[OWASP Zed Attack Proxy 2.1.0] An easy to use integrated penetration testing tool for finding vulnerabilities in web applications
The OWASP Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration...
CentOS Update for systemtap CESA-2009:0373 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...