72 matches found
EUVD-2019-3829
Malware in sbrugna...
EUVD-2017-7854
Malware in sbrugna...
EUVD-2022-4884
Malicious code in bioql PyPI...
EUVD-2024-48862
Malicious code in bioql PyPI...
EUVD-2022-3564
Malicious code in bioql PyPI...
Cleartext Storage of Sensitive Information
Overview org.jenkins-ci.plugins:soapui-pro-functional-testing is a plugin used to run SoapUI Pro tests from Jenkins builds. Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information due to the storage of sensitive information such as SLM License Access Keys,...
Insufficiently Protected Credentials
Overview org.jenkins-ci.plugins:soapui-pro-functional-testing is a plugin used to run SoapUI Pro tests from Jenkins builds. Affected versions of this package are vulnerable to Insufficiently Protected Credentials in the job configuration form, where SLM License Access Keys, client secrets, and...
CVE-2020-2250
Jenkins SoapUI Pro Functional Testing Plugin 1.3 and earlier stores project passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file system...
CVE-2020-2251
Jenkins SoapUI Pro Functional Testing Plugin 1.5 and earlier transmits project passwords in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure...
CVE-2020-12835
An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to unsafe use of an Java RMI based protocol in an unsafe configuration, an attacker can inject malicious serialized objects into the communication, resulting in remote code execution in the context of a client-side Network...
CVE-2019-12180
An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When opening a project, the Groovy "Load Script" is automatically executed. This allows an attacker to execute arbitrary Groovy Language code Java scripting language on the victim machine by inducing it ...
CVE-2024-7565
SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-7565
SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-7565 SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability
SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-7565
CVE-2024-7565 describes a directory traversal vulnerability in SMARTBEAR SoapUI’s unpackageAll function. The flaw stems from insufficient validation of a user-supplied path used in file operations, allowing an attacker to achieve Remote Code Execution in the context of the current user. Exploitat...
CVE-2024-7565 SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability
SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnerability in that the target must visit a...
SoapUI 路径遍历漏洞
SoapUI is an open source API testing tool from SmartBear. A path traversal vulnerability exists in SoapUI that stems from a lack of proper validation before using a user-supplied path in a file operation, and a directory traversal remote code execution vulnerability that could allow a remote...
PT-2024-38423 · Smartbear · Soapui
Name of the Vulnerable Software and Affected Versions: SMARTBEAR SoapUI affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this issue, where the target mus...
SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the unpackageAll...
BIT-JENKINS-2020-2251
Jenkins SoapUI Pro Functional Testing Plugin 1.5 and earlier transmits project passwords in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure...