Lucene search
K

16 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/10 9:58 a.m.4 views

CVE-2025-40587

A vulnerability has been identified in Polarion V2404 All versions V2404.5, Polarion V2410 All versions V2410.2. The affected application allows arbitrary JavaScript code be included in document titles. This could allow an authenticated remote attacker to conduct a stored cross-site scripting...

7.6CVSS5.4AI score0.00264EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54492

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00268EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-54494

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.00443EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54477

Malicious code in bioql PyPI...

6.9CVSS6.4AI score0.00396EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/15 10:10 a.m.12 views

CVE-2024-51446

A vulnerability has been identified in Polarion V2310 All versions, Polarion V2404 All versions V2404.4. The file upload feature of the affected application improperly sanitizes xml files. This could allow an authenticated remote attacker to conduct a stored cross-site scripting attack by uploadi...

6.5CVSS5.9AI score0.00268EPSS
Exploits0References1
NVD
NVD
added 2025/05/13 10:15 a.m.18 views

CVE-2024-51444

A vulnerability has been identified in Polarion V2310 All versions, Polarion V2404 All versions V2404.4. The application insufficiently validates user input for database read queries. This could allow an authenticated remote attacker to conduct an SQL injection attack that bypasses authorization...

7.1CVSS0.00443EPSS
Exploits0References1
NVD
NVD
added 2025/05/13 10:15 a.m.9 views

CVE-2024-51446

A vulnerability has been identified in Polarion V2310 All versions, Polarion V2404 All versions V2404.4. The file upload feature of the affected application improperly sanitizes xml files. This could allow an authenticated remote attacker to conduct a stored cross-site scripting attack by uploadi...

6.5CVSS0.00268EPSS
Exploits0References1
NVD
NVD
added 2025/05/13 10:15 a.m.8 views

CVE-2024-51445

A vulnerability has been identified in Polarion V2310 All versions, Polarion V2404 All versions V2404.4. The affected application contains a XML External Entity Injection XXE vulnerability in the docx import feature. This could allow an authenticated remote attacker to read arbitrary data from th...

7.1CVSS0.00448EPSS
Exploits0References1
OSV
OSV
added 2025/05/13 10:15 a.m.4 views

CVE-2024-51444

A vulnerability has been identified in Polarion V2310 All versions, Polarion V2404 All versions V2404.4. The application insufficiently validates user input for database read queries. This could allow an authenticated remote attacker to conduct an SQL injection attack that bypasses authorization...

7.1CVSS5.8AI score0.00443EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/13 9:38 a.m.14 views

CVE-2024-51447

A vulnerability has been identified in Polarion V2310 All versions, Polarion V2404 All versions V2404.2. The login implementation of the affected application contains an observable response discrepancy vulnerability when validating usernames. This could allow an unauthenticated remote attacker to...

6.9CVSS0.00396EPSS
Exploits0References1
CVE
CVE
added 2025/05/13 9:38 a.m.37 views

CVE-2024-51447

CVE-2024-51447 affects Siemens Polarion: login validation exposes an observable response discrepancy that lets an unauthenticated attacker distinguish valid from invalid usernames. Affected products: Polarion V2310 (All versions) and Polarion V2404 (All versions

6.9CVSS7.2AI score0.00396EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/13 9:38 a.m.6 views

CVE-2024-51446

A vulnerability has been identified in Polarion V2310 All versions, Polarion V2404 All versions V2404.4. The file upload feature of the affected application improperly sanitizes xml files. This could allow an authenticated remote attacker to conduct a stored cross-site scripting attack by uploadi...

6.5CVSS6.1AI score0.00268EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/13 9:38 a.m.14 views

CVE-2024-51445

A vulnerability has been identified in Polarion V2310 All versions, Polarion V2404 All versions V2404.4. The affected application contains a XML External Entity Injection XXE vulnerability in the docx import feature. This could allow an authenticated remote attacker to read arbitrary data from th...

7.1CVSS0.00448EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/13 9:38 a.m.10 views

CVE-2024-51444

A vulnerability has been identified in Polarion V2310 All versions, Polarion V2404 All versions V2404.4. The application insufficiently validates user input for database read queries. This could allow an authenticated remote attacker to conduct an SQL injection attack that bypasses authorization...

7.1CVSS0.00443EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.8 views

PT-2025-20845 · Siemens · Polarion

Name of the Vulnerable Software and Affected Versions: Polarion V2310 All versions Polarion V2404 versions prior to V2404.4 Description: A vulnerability has been identified in the affected application, which contains a XML External Entity Injection XXE vulnerability in the docx import feature. Th...

7.1CVSS6.5AI score0.00448EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.5 views

PT-2025-20844 · Siemens · Polarion

Name of the Vulnerable Software and Affected Versions: Polarion V2310 All versions Polarion V2404 versions prior to V2404.4 Description: The application insufficiently validates user input for database read queries, which could allow an authenticated remote attacker to conduct an SQL injection...

7.1CVSS6.9AI score0.00443EPSS
Exploits0References5
Rows per page
Query Builder