21 matches found
EUVD-2021-15620
Malware in sbrugna...
EUVD-2024-54412
Malicious code in bioql PyPI...
EUVD-2024-32561
Malicious code in bioql PyPI...
CVE-2024-3995
In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins...
CVE-2024-11084
Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists...
CVE-2024-11084
Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists...
CVE-2024-11084 Potential Username Enumeration in Helix ALM
Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists...
CVE-2024-11084
CVE-2024-11084 affects Perforce Helix ALM prior to 2025.1. The issue is that authentication returns distinct error responses, enabling an attacker to determine whether a username exists (username enumeration). The connected sources (RH Red Hat, NVD, CVE Lists, CNNVD) corroborate the same descript...
CVE-2024-11084 Potential Username Enumeration in Helix ALM
Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists...
CVE-2024-3995
In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins...
CVE-2024-3995
CVE-2024-3995 affects Perforce Helix ALM versions prior to 2024.2.0, with a local command injection vulnerability identified (reported by Bryan Riggins). Affected component: Helix ALM prior to 2024.2.0. Root cause: local command injection as described in multiple sources. Impact details are limit...
CVE-2024-3995 Command Injection in Helix ALM
In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins...
Perforce Helix ALM Security Vulnerability
Perforce Helix ALM is an application lifecycle management software from Perforce. A security vulnerability exists in Perforce Helix ALM versions prior to 2024.2.0 that stems from the presence of local command injection...
PT-2024-28752 · Perforce · Helix Alm
Name of the Vulnerable Software and Affected Versions: Helix ALM versions prior to 2024.2.0 Description: A local command injection issue was identified. The issue was reported by Bryan Riggins. Recommendations: For Helix ALM versions prior to 2024.2.0, update to version 2024.2.0 or later to resol...
CVE-2021-28973
The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks...
CVE-2021-28973
The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks...
Input validation
The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks...
CVE-2021-28973
The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks...
CVE-2021-28973
CVE-2021-28973 affects Perforce Helix ALM 2020.3.1 Build 22, where the XML Import functionality processes XML input with an insecurely configured XML parser . This leads to XXE attacks . The connected Red Hat entry confirms the same description. The documents do not provide explicit exploitation ...
Perforce Software Perforce Helix ALM 代码问题漏洞
Perforce Software Perforce Helix ALM is an application software from Perforce Software, Inc. It provides application lifecycle management for products. A security vulnerability exists in Perforce Helix ALM 2020.3.1 Build 22, which stems from the XML Import feature accepting XML input data parsed ...