
28 matches found

Nuclei
added 4 days ago · 31 views

Hoverfly < 1.10.3 - Arbitrary File Read

Hoverfly is a lightweight service virtualization / API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

CVSS 7.5 · AI score 5.9 · EPSS 0.93631
Exploits: 3 · References: 2

EUVD
added 2025/10/03 8:07 p.m. · 1 view

EUVD-2024-44291

Malicious code in bioql PyPI...

CVSS 2.4 · AI score 6.6 · EPSS 0.0016
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 10:46 a.m. · 2 views

CVE-2024-4692

Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in OpenText...

CVSS 2.4 · AI score 6.8 · EPSS 0.0016
Exploits: 0

OSV
added 2024/10/16 5:15 p.m. · 0 views

CVE-2024-4692

Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in OpenText...

CVSS 2.4 · AI score 5.7 · EPSS 0.0016
Exploits: 0 · References: 1

NVD
added 2024/10/16 5:15 p.m. · 18 views

CVE-2024-4692

Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in OpenText...

CVSS 2.4 · EPSS 0.0016
Exploits: 0 · References: 1

Cvelist
added 2024/10/16 4:41 p.m. · 14 views

CVE-2024-4692 Multiple missing permission checks

Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in OpenText...

CVSS 1.8 · EPSS 0.0016
Exploits: 0 · References: 1

CVE
added 2024/10/16 4:41 p.m. · 49 views

CVE-2024-4692

CVE-2024-4692 affects OpenText Application Automation Tools (versions 24.1.0 and below). Root cause: improper validation of input quantity and multiple missing permission checks in the Service Virtualization configuration. Impact: could allow users with Overall/Read permission to enumerate Servic...

CVSS 2.4 · AI score 4.9 · EPSS 0.0016
Exploits: 0 · References: 1 · Affected Software: 1

Positive Technologies
added 2024/10/16 12:00 a.m. · 1 view

PT-2024-32283 · Opentext · Opentext Application Automation Tools

Name of the Vulnerable Software and Affected Versions: OpenText Application Automation Tools versions 24.1.0 and below Description: The issue is related to improper validation of specified quantity in input, allowing exploitation of incorrectly configured access control security levels. Multiple...

CVSS 2.4 · AI score 7.4 · EPSS 0.0016
Exploits: 0 · References: 6

NVD
added 2024/09/02 6:15 p.m. · 13 views

CVE-2024-45388

Hoverfly is a lightweight service virtualization / API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

CVSS 7.5 · EPSS 0.93631
Exploits: 3 · References: 4

Vulnrichment
added 2024/09/02 4:07 p.m. · 17 views

CVE-2024-45388 Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`)

Hoverfly is a lightweight service virtualization / API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

CVSS 7.5 · AI score 6.8 · EPSS 0.93631
Exploits: 3 · References: 4

Github Security Blog
added 2022/05/24 5:46 p.m. · 24 views

SSL/TLS certificate validation unconditionally disabled by Jenkins Micro Focus Application Automation Tools Plugin

Micro Focus Application Automation Tools Plugin 6.7 and earlier unconditionally disables SSL/TLS certificate validation for connections to Service Virtualization servers. Micro Focus Application Automation Tools Plugin 6.8 no longer disables SSL/TLS certificate validation unconditionally by...

CVSS 6.5 · AI score 3 · EPSS 0.00091
Exploits: 0 · References: 4 · Affected Software: 1

OSV
added 2022/05/24 5:46 p.m. · 23 views

GHSA-Q296-9J5X-FXF4 SSL/TLS certificate validation unconditionally disabled by Jenkins Micro Focus Application Automation Tools Plugin

Micro Focus Application Automation Tools Plugin 6.7 and earlier unconditionally disables SSL/TLS certificate validation for connections to Service Virtualization servers. Micro Focus Application Automation Tools Plugin 6.8 no longer disables SSL/TLS certificate validation unconditionally by...

CVSS 4.8 · AI score 6.4 · EPSS 0.00091
Exploits: 0 · References: 4

CNVD
added 2021/02/06 12:00 a.m. · 5 views

HCL OneTest License Issue Vulnerability

HCL OneTest is a software testing tool from HCL India that provides multiple testing options. The software supports API testing, functional testing, UI testing, performance testing and service virtualization to support software automation testing. An authorization issue vulnerability exists in HC...

CVSS 9.8 · AI score 7 · EPSS 0.00392
Exploits: 0 · References: 1

OSV
added 2018/08/30 9:29 p.m. · 2 views

CVE-2018-6499

Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...

CVSS 9.8 · AI score 5.9 · EPSS 0.01475
Exploits: 0 · References: 6

Prion
added 2018/08/30 9:29 p.m. · 11 views

Remote code execution

Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...

CVSS 7.5 · AI score 9.6 · EPSS 0.01475
Exploits: 0 · References: 6 · Affected Software: 8

NVD
added 2018/08/30 9:29 p.m. · 10 views

CVE-2018-6499

Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...

CVSS 9.8 · AI score 7.9 · EPSS 0.01475
Exploits: 0 · References: 6

Cvelist
added 2018/08/30 9:00 p.m. · 11 views

CVE-2018-6499

Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite...

CVSS 7.1 · AI score 9.8 · EPSS 0.01475
Exploits: 0 · References: 6

CVE
added 2018/08/30 9:00 p.m. · 46 views

CVE-2018-6499

CVE-2018-6499 describes a Remote Code Execution vulnerability affecting multiple HPE/Software Group containerized and related suites, including Hybrid Cloud Management, Operations Bridge Containerized Suite, Data Center Automation, Service Management Automation, Service Virtualization (SV), Unifi...

CVSS 9.8 · AI score 9.6 · EPSS 0.01475
Exploits: 0 · References: 6 · Affected Software: 5

Check Point Advisories
added 2014/08/10 12:00 a.m. · 1 view

HP Service Virtualization AutoPass License Server Directory Traversal (CVE-2013-6221)

A code execution vulnerability exists in HP Service Virtualization running the AutoPass License Server. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to the vulnerable service. Successful exploitation of this vulnerability could result in creation ...

CVSS 10 · AI score 3.4 · EPSS 0.84144
Exploits: 4

Exploit DB
added 2014/06/27 12:00 a.m. · 30 views

HP AutoPass License Server - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP AutoPass License Server File Upload', 'Description' = %q This module exploits a code execution flaw in HP AutoPass License Server...

CVSS 10 · AI score 7.4 · EPSS 0.84144
Exploits: 4