Lucene search
+L

77 matches found

NVD
NVD
added 2023/03/08 9:15 p.m.23 views

CVE-2023-22890

SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition...

7.5CVSS7.4AI score0.00644EPSS
Exploits0References1
NVD
NVD
added 2023/03/08 9:15 p.m.23 views

CVE-2023-22889

SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users...

9.8CVSS9.9AI score0.01276EPSS
Exploits0References1
NVD
NVD
added 2023/03/08 9:15 p.m.22 views

CVE-2023-22892

There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances...

7.5CVSS7.2AI score0.00595EPSS
Exploits0References1
NVD
NVD
added 2023/03/08 9:15 p.m.19 views

CVE-2023-22891

There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts...

8.1CVSS8.2AI score0.00509EPSS
Exploits0References1
Prion
Prion
added 2023/03/08 9:15 p.m.15 views

Information disclosure

There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances...

5CVSS7.2AI score0.00595EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/03/08 9:15 p.m.17 views

Race condition

SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition...

5CVSS7.4AI score0.00644EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/03/08 9:15 p.m.19 views

Design/Logic Flaw

SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users...

7.5CVSS9.7AI score0.01276EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/03/08 9:15 p.m.15 views

Privilege escalation

There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts...

5.5CVSS8.1AI score0.00509EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/08 12:0 a.m.6 views

PT-2023-18755 · Smartbear · Smartbear Zephyr Enterprise

Name of the Vulnerable Software and Affected Versions: SmartBear Zephyr Enterprise versions through 7.15.0 Description: The issue is a privilege escalation vulnerability that could be exploited by authorized users to reset passwords for other accounts. Recommendations: For SmartBear Zephyr...

8.1CVSS8.1AI score0.00509EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/03/08 12:0 a.m.24 views

CVE-2023-22891

There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts...

8.4AI score0.00509EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/08 12:0 a.m.12 views

CVE-2023-22892

There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances...

7.2AI score0.00595EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/08 12:0 a.m.5 views

PT-2023-18752 · Smartbear · Smartbear Zephyr Enterprise

Name of the Vulnerable Software and Affected Versions: SmartBear Zephyr Enterprise versions prior to 7.15.1 Description: The issue is related to the mishandling of user-defined input during report generation, which could lead to remote code execution by unauthenticated users. Recommendations: For...

9.8CVSS9.7AI score0.01276EPSS
Exploits0References4
CVE
CVE
added 2023/03/08 12:0 a.m.64 views

CVE-2023-22890

CVE-2023-22890 affects SmartBear Zephyr Enterprise up to version 7.15.0. The vulnerability allows unauthenticated users to upload large files, which can exhaust local drive space and cause a denial of service. The provided documents confirm the affected product and the exploit scenario (untrusted...

7.5CVSS7.3AI score0.00644EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/03/08 12:0 a.m.57 views

CVE-2023-22891

CVE-2023-22891 maps to a privilege-escalation in SmartBear Zephyr Enterprise up to version 7.15.0. Multiple sources indicate that authorized users could reset passwords for other accounts, enabling elevation of privileges with high impact (I/H, A/H, network vector). Publicly disclosed details are...

8.1CVSS8.1AI score0.00509EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/08 12:0 a.m.27 views

CVE-2023-22890

SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition...

7.6AI score0.00644EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/08 12:0 a.m.25 views

CVE-2023-22889

SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users...

10AI score0.01276EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/08 12:0 a.m.28 views

CVE-2023-22892

There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances...

7.4AI score0.00595EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/08 12:0 a.m.10 views

CVE-2023-22889

SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users...

8.2AI score0.01276EPSS
Exploits0References1
CVE
CVE
added 2023/03/08 12:0 a.m.58 views

CVE-2023-22892

CVE-2023-22892 : In SmartBear Zephyr Enterprise up to version 7.15.0, there exists an information disclosure vulnerability that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances. The provided documents confirm the affected product and the unauthenticated ac...

7.5CVSS7.1AI score0.00595EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/08 12:0 a.m.11 views

CVE-2023-22890

SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition...

7AI score0.00644EPSS
Exploits0References1
Rows per page
Query Builder