Lucene search
K
HpPerformance Center

11 matches found

CVE
CVE
added 2010/05/07 5:43 p.m.93 views

CVE-2010-1549

CVE-2010-1549 affects HP LoadRunner Agent (Windows) prior to v9.50 and HP Performance Center prior to v9.50. The vulnerability lies in the magentproc.exe TCP service (port 54345) where a crafted, unauthenticated packet can trigger remote code execution (context: SYSTEM). Publicly documented explo...

10CVSS7.6AI score0.78962EPSS
CVE
CVE
added 2016/06/08 2:0 p.m.62 views

CVE-2016-4359

CVE-2016-4359 involves a stack-based buffer overflow in mchan.dll of HPE LoadRunner/Performance Center. The flaw occurs when constructing a shared memory/file name or processing a long -server_name value, allowing an unauthenticated attacker to remotely execute arbitrary code. Affected products i...

9.8CVSS9.8AI score0.1577EPSS
CVE
CVE
added 2017/11/03 6:0 p.m.61 views

CVE-2017-14359

CVE-2017-14359 describes a cross-site scripting vulnerability in HPE Performance Center 12.20 . The issue arises from the product failing to filter user-submitted input, enabling a remote attacker to execute script code in the context of an affected web interface. Connected documents corroborate ...

5.4CVSS5.2AI score0.0053EPSS
CVE
CVE
added 2016/06/08 2:0 p.m.60 views

CVE-2016-4360

The CVE-2016-4360 issue affects Hewlett Packard Enterprise LoadRunner/Performance Center components (notably the Virtual Table Server import_csv feature). The root cause is that web/admin/data.js in the VTS component does not restrict file paths sent to unlink, enabling an unauthenticated remote ...

9.1CVSS9.1AI score0.08566EPSS
Web
CVE
CVE
added 2018/02/15 10:0 p.m.59 views

CVE-2017-8953

CVE-2017-8953 describes a remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center v12.53 and earlier. The root cause is improper input filtering of user-submitted content, allowing attacker-controlled input to be reflected in a vulnerable co...

5.4CVSS5.3AI score0.00798EPSS
CVE
CVE
added 2016/06/08 2:0 p.m.57 views

CVE-2016-4361

CVE-2016-4361 affects HP LoadRunner and HP Performance Center. Multiple components (e.g., magentservice.exe) are vulnerable to remote denial of service via malformed requests (xdr_string handling) or related malformed packets, allowing a remote attacker to crash the service. Affected products/ver...

7.5CVSS7.7AI score0.07613EPSS
CVE
CVE
added 2017/10/13 2:0 a.m.57 views

CVE-2017-5789

CVE-2017-5789 affects HP LoadRunner (before 12.53 Patch 4) and HP Performance Center (before 12.53 Patch 4). The root cause is a heap‑based buffer overflow in the libxdrutil.dll mxdr_string function, due to insufficient validation of user data length. This leads to remote code execution without a...

9.8CVSS9.7AI score0.17864EPSS
CVE
CVE
added 2015/11/26 2:0 a.m.53 views

CVE-2015-6857

CVE-2015-6857 affects HP LoadRunner’s Virtual Table Server (VTS). The vulnerability enables remote code execution in VTS via unauthenticated access, with HP/Nessus/ZDI references detailing concrete vectors: HP LoadRunner VTS running 11.52, 12.00, 12.01, 12.02, or 12.50 is exploitable through a re...

7.2CVSS7.9AI score0.0375EPSS
CVE
CVE
added 2016/09/21 1:0 a.m.50 views

CVE-2016-4384

CVE-2016-4384 applies to HPE LoadRunner and HP Performance Center prior to version 12.50. The vulnerability is a remote denial-of-service caused by improper handling of malformed packets in the mchan.dll component. Several connected sources (NVD entry, Nessus plugins) confirm a remote DoS impact ...

9CVSS8.2AI score0.03565EPSS
CVE
CVE
added 2018/02/15 10:0 p.m.49 views

CVE-2016-8512

CVE-2016-8512 concerns a remote code execution in all versions of HP LoadRunner and Performance Center via the MMS protocol. The connected sources identify a buffer overflow/RCE in the MMS handling (MMS Protocol Buffer Overflow) that can be exploited remotely by an unauthenticated attacker to exe...

9.8CVSS9.6AI score0.05646EPSS
CVE
CVE
added 2016/09/21 1:0 a.m.39 views

CVE-2016-4382

CVE-2016-4382 affects HP/HPE Performance Center versions 11.52, 12.00, 12.01, 12.20 and 12.50. The issue allows remote attackers to bypass intended access restrictions via unspecified vectors due to a “remote user validation failure.” Exploitation is described as remote, but concrete attack vecto...

8.3CVSS8.1AI score0.02225EPSS