CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote authenticated users to obtain sensitive information via unspecified vectors...

4CVSS6.1AI score0.00237EPSS

Exploits0References1

NVD•added 2019/06/19 5:15 p.m.•12 views

CVE-2019-11649

Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center. The vulnerability could be exploited to execute JavaScript code in user’s browser. The vulnerability could be exploite...

5.4CVSS5.4AI score0.00172EPSS

Exploits0References1

OSV•added 2019/06/19 5:15 p.m.•2 views

CVE-2019-11649

5.4CVSS6.1AI score

Exploits0References1

CVE•added 2019/06/19 4:6 p.m.•81 views

CVE-2019-11649

The CVE refers to a Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server (SSC) affecting versions 17.2, 18.1, and 18.2. Technical details across connected sources indicate the root cause as insufficient validation of client-side data in the SSC web application...

5.4CVSS5.4AI score0.00172EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/06/19 4:6 p.m.•14 views

CVE-2019-11649 KM03461174 Micro Focus Fortify Software Security Center Server, CVE-2019-11649

5.4CVSS5.5AI score0.00172EPSS

Exploits0References1

CNVD•added 2018/12/17 12:0 a.m.•2 views

Micro Focus Fortify Software Security Center Unauthorized Access Vulnerability (CNVD-2018-25729)

Micro Focus Fortify Software Security Center SSC is a suite of software lifecycle security management solutions from Micro Focus UK. The product includes centralized management of application security, automated auditing and risk management. An unauthorized access vulnerability exists in Micro...

6.5CVSS7.1AI score0.09675EPSS

Exploits4References1

Prion•added 2018/12/13 2:29 p.m.•12 views

Design/Logic Flaw

A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center SSC, versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access...

4CVSS6.4AI score0.09675EPSS

Exploits4References2Affected Software1

NVD•added 2018/12/13 2:29 p.m.•11 views

CVE-2018-7691

A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center SSC, versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access...

6.5CVSS6.4AI score0.09675EPSS

Exploits4References2

Prion•added 2018/12/13 2:29 p.m.•12 views

Design/Logic Flaw

A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center SSC, versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access...

4CVSS6.4AI score0.09675EPSS

Exploits4References2Affected Software1

Cvelist•added 2018/12/13 2:0 p.m.•20 views

CVE-2018-7690 MFSBGN03835 rev.1 - Fortify Software Security Center (SSC), Remote Unauthorized Access

A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center SSC, versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access...

6.5CVSS6.4AI score0.09675EPSS

Exploits4References2

CVE•added 2018/12/13 2:0 p.m.•63 views

CVE-2018-7691

CVE-2018-7691 affects Micro Focus Fortify Software Security Center (SSC) versions 17.10, 17.20 and 18.10. The root cause is insecure direct object references (IDOR) in the REST API: ownership of the field "authEntities" is not properly checked, allowing remote authenticated (view-only) users to r...

6.5CVSS6.4AI score0.09675EPSS

Exploits4References2Affected Software1

Cvelist•added 2018/12/13 2:0 p.m.•12 views

CVE-2018-7691 MFSBGN03835 rev.1 - Fortify Software Security Center (SSC), Remote Unauthorized Access

A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center SSC, versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access...

6.5CVSS6.4AI score0.09675EPSS

Exploits4References2

Exploit DB•added 2018/07/16 12:0 a.m.•76 views

Fortify Software Security Center (SSC) 17.x/18.1 - XML External Entity Injection

Details ================ Software: Fortify SSC Software Security Center Version: 17.10, 17.20 & 18.10 Homepage: https://www.microfocus.com Advisory report: https://github.com/alt3kx/CVE-2018-12463 CVE: CVE-2018-12463 at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12463 CVSS: HIGH...

9.8CVSS8.7AI score0.21874EPSS

Exploits4

CNVD•added 2018/07/16 12:0 a.m.•4 views

Fortify Software Security Center (SSC) XXE Vulnerability

Micro Focus Fortify Software Security Center SSC is a software security management platform from Micro Focus UK. A XXE vulnerability exists in Fortify Software Security Center SSC that could allow a remote, unauthenticated user to read arbitrary files or conduct server-side request forgery SSRF...

9.8CVSS7.4AI score0.21874EPSS

Exploits4References1

NVD•added 2018/07/12 4:29 p.m.•19 views

CVE-2018-12463

An XML external entity XXE vulnerability in Fortify Software Security Center SSC, version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request...

9.8CVSS7.6AI score0.21874EPSS

Exploits4References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by