Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
smartbear vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-22889
SmartBear Zephyr Enterprise up to and including 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users.
Smartbear Zephyr Enterprise
7.5
CVSSv3
CVE-2023-22890
SmartBear Zephyr Enterprise up to and including 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition.
Smartbear Zephyr Enterprise
7.5
CVSSv3
CVE-2023-22892
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise up to and including 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
Smartbear Zephyr Enterprise
9.8
CVSSv3
CVE-2020-12835
An issue exists in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to unsafe use of an Java RMI based protocol in an unsafe configuration, an attacker can inject malicious serialized objects into the communication, resulting in remote code execution in the context of a client-side Netwo...
Smartbear Readyapi 3.2.5
5.3
CVSSv3
CVE-2024-22207
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. before 2.1.0, the default configuration of `@fastify/swagger-ui` without `baseDir` set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fix...
Smartbear Swagger Ui
5.5
CVSSv3
CVE-2021-21364
swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix-Like systems, the syste...
Smartbear Swagger-codegen
6.1
CVSSv3
CVE-2021-46708
The swagger-ui-dist package prior to 4.1.3 for Node.js could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actio...
Smartbear Swagger-ui-dist
6.1
CVSSv3
CVE-2016-1000229
swagger-ui has XSS in key names
Smartbear Swagger-ui -
Redhat Jboss Fuse 6.3
Redhat Openshift 2.0
9.8
CVSSv3
CVE-2019-17495
A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI prior to 3.23.11 allows malicious users to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this pr...
Smartbear Swagger Ui
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Banking Digital Experience 19.1
Oracle Utilities Framework 4.4.0.2.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Primavera Gateway
Oracle Banking Platform
Oracle Banking Digital Experience 21.1
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience
4 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2