Loadrunner Security Vulnerabilities and Issues — Loadrunner CVE List

Lucene search

HpLoadrunner

28 matches found

CVE•added 2013/07/29 1:59 p.m.•127 views

CVE-2013-2370

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1671.

7.5CVSS7.6AI score0.8168EPSS

CVE•added 2013/07/29 1:59 p.m.•125 views

CVE-2013-2368

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to cause a denial of service via unknown vectors, aka ZDI-CAN-1669.

5CVSS6.5AI score0.02378EPSS

CVE•added 2010/05/07 6:24 p.m.•71 views

CVE-2010-1549

Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors.

10CVSS7.6AI score0.88807EPSS

CVE•added 2013/11/04 4:55 p.m.•68 views

CVE-2013-4837

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.

10CVSS7.6AI score0.756EPSS

Web

CVE•added 2013/07/29 1:59 p.m.•57 views

CVE-2013-4799

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1734.

7.6CVSS7.8AI score0.29172EPSS

CVE•added 2011/01/18 6:3 p.m.•54 views

CVE-2011-0272

Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, related to the HttpTunnel feature.

10CVSS7.8AI score0.36619EPSS

CVE•added 2013/07/29 1:59 p.m.•51 views

CVE-2013-4798

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705.

10CVSS7.6AI score0.82917EPSS

CVE•added 2011/06/02 8:55 p.m.•50 views

CVE-2011-2328

Buffer overflow in HP LoadRunner allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a .usr (aka Virtual User script) file with long directives.

6.8CVSS8.4AI score0.035EPSS

CVE•added 2015/05/25 5:59 p.m.•50 views

CVE-2015-2110

Buffer overflow in HP LoadRunner 11.52 allows remote attackers to execute arbitrary code via unspecified vectors.

10CVSS8.1AI score0.2781EPSS

CVE•added 2016/06/08 2:59 p.m.•49 views

CVE-2016-4359

Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through pat...

9.8CVSS9.8AI score0.30361EPSS

CVE•added 2009/10/13 10:30 a.m.•48 views

CVE-2009-3693

Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via .. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.

9.3CVSS6.6AI score0.67424EPSS

Web

CVE•added 2013/11/04 4:55 p.m.•47 views

CVE-2013-4838

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.

10CVSS7.8AI score0.27671EPSS

CVE•added 2015/09/16 2:0 a.m.•47 views

CVE-2015-5426

Unspecified vulnerability in HP LoadRunner Controller before 12.50 allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2756.

4.6CVSS6.5AI score0.00104EPSS

CVE•added 2016/06/08 2:59 p.m.•47 views

CVE-2016-4360

web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through...

9.1CVSS9.1AI score0.06064EPSS

Web

CVE•added 2017/10/13 2:0 a.m.•47 views

CVE-2017-5789

HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.

9.8CVSS9.7AI score0.33852EPSS

CVE•added 2013/07/29 1:59 p.m.•44 views

CVE-2013-4801

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1736.

7.5CVSS7.8AI score0.07579EPSS

CVE•added 2013/07/29 1:59 p.m.•43 views

CVE-2013-2369

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1670.

7.5CVSS7.9AI score0.05869EPSS

CVE•added 2013/07/29 1:59 p.m.•42 views

CVE-2013-4800

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.

9.3CVSS7.6AI score0.72287EPSS

CVE•added 2014/04/19 4:49 a.m.•42 views

CVE-2013-6213

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833.

10CVSS7.8AI score0.27671EPSS

CVE•added 2015/11/26 3:59 a.m.•42 views

CVE-2015-6857

Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.

7.2CVSS7.9AI score0.02296EPSS

CVE•added 2018/02/15 10:29 p.m.•42 views

CVE-2017-8953

A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found.

5.4CVSS5.3AI score0.00309EPSS

CVE•added 2016/06/08 2:59 p.m.•41 views

CVE-2016-4361

HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to...

7.5CVSS7.7AI score0.02981EPSS

CVE•added 2013/11/04 4:55 p.m.•38 views

CVE-2013-4839

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851.

7.5CVSS6.8AI score0.01115EPSS

CVE•added 2016/09/21 2:59 a.m.•38 views

CVE-2016-4384

HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.

9CVSS8.2AI score0.03541EPSS

CVE•added 2018/02/15 10:29 p.m.•36 views

CVE-2016-8512

A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.

9.8CVSS9.6AI score0.08011EPSS

CVE•added 2007/12/27 10:46 p.m.•35 views

CVE-2007-6530

Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function.

9.3CVSS7.7AI score0.65752EPSS

Web

CVE•added 2013/07/29 1:59 p.m.•35 views

CVE-2013-4797

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690.

7.5CVSS7.9AI score0.07647EPSS

CVE•added 2010/10/28 8:0 p.m.•32 views

CVE-2010-4028

Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remote attackers to cause a denial of service, and possibly obtain sensitive information or modify data, via unknown vectors.

7.5CVSS7AI score0.00984EPSS