Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
smartbear vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-41657
SmartBear CodeCollaborator v6.1.6102 exists to contain a vulnerability in the web UI which would allow an malicious user to conduct a clickjacking attack.
Smartbear Collaborator 6.1.6102
4.3
CVSSv2
CVE-2016-1000229
swagger-ui has XSS in key names
Smartbear Swagger-ui -
Redhat Jboss Fuse 6.3
Redhat Openshift 2.0
4.3
CVSSv2
CVE-2016-5682
Swagger-UI prior to 2.2.1 has XSS via the Default field in the Definitions section.
Smartbear Swagger-ui
2.1
CVSSv2
CVE-2021-21364
swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix-Like systems, the syste...
Smartbear Swagger-codegen
NA
CVE-2024-22207
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. before 2.1.0, the default configuration of `@fastify/swagger-ui` without `baseDir` set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fix...
Smartbear Swagger Ui
NA
CVE-2023-22889
SmartBear Zephyr Enterprise up to and including 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users.
Smartbear Zephyr Enterprise
NA
CVE-2023-22891
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise up to and including 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.
Smartbear Zephyr Enterprise
NA
CVE-2023-22890
SmartBear Zephyr Enterprise up to and including 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition.
Smartbear Zephyr Enterprise
NA
CVE-2023-22892
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise up to and including 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
Smartbear Zephyr Enterprise
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2