Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
appscan vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-4326
"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."
Hcltech Appscan
6.4
CVSSv2
CVE-2019-4391
HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data
Hcltech Appscan
10
CVSSv2
CVE-2019-4392
HCL AppScan Standard Edition 9.0.3.13 and previous versions uses hard-coded credentials which can be exploited by malicious users to get unauthorized access to the system.
Hcltech Appscan
5
CVSSv2
CVE-2019-4327
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by malicious users to get unauthorized access to application's encrypted files."
Hcltech Appscan
5
CVSSv2
CVE-2019-4393
HCL AppScan Standard is vulnerable to excessive authorization attempts
Hcltech Appscan
5.8
CVSSv2
CVE-2012-0738
IBM Security AppScan Enterprise prior to 8.6.0.2 and Rational Policy Tester prior to 8.5.0.3 do not validate X.509 certificates during scanning, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary certificate.
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 6.1.1.0
Ibm Security Appscan 6.0.2.0
Ibm Security Appscan 6.0.1.0
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 8.0.0.1
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 6.0.0.0
Ibm Rational Policy Tester 8.5.0.0
Ibm Rational Policy Tester 8.0.1.1
Ibm Rational Policy Tester 5.6.0.0
Ibm Rational Policy Tester 5.5.0.2
Ibm Rational Policy Tester 8.0.1.0
Ibm Rational Policy Tester 8.0.0.2
Ibm Rational Policy Tester 5.5.0.1
Ibm Rational Policy Tester 5.5.0.0
Ibm Rational Policy Tester
Ibm Rational Policy Tester 8.5.0.1
Ibm Rational Policy Tester 5.6.0.3
Ibm Rational Policy Tester 5.6.0.2
Ibm Rational Policy Tester 5.6.0.1
5.8
CVSSv2
CVE-2012-0741
IBM Security AppScan Enterprise prior to 8.6.0.2 and Rational Policy Tester prior to 8.5.0.3 do not validate X.509 certificates during use of the Manual Explore Proxy feature, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary certificate.
Ibm Security Appscan 6.0.2.0
Ibm Security Appscan 6.0.1.0
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.5.0.1
Ibm Security Appscan 6.0.0.0
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 6.1.1.0
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 8.0.0.1
Ibm Rational Policy Tester 8.0.1.0
Ibm Rational Policy Tester 8.0.0.2
Ibm Rational Policy Tester 5.5.0.1
Ibm Rational Policy Tester 5.5.0.0
Ibm Rational Policy Tester 8.0.0.1
Ibm Rational Policy Tester 8.0.0.0
Ibm Security Appscan
Ibm Rational Policy Tester 8.5.0.0
Ibm Rational Policy Tester 8.0.1.1
Ibm Rational Policy Tester 5.6.0.1
Ibm Rational Policy Tester 5.6.0.0
Ibm Rational Policy Tester 5.5.0.2
Ibm Rational Policy Tester
9.3
CVSSv2
CVE-2008-2015
Multiple absolute path traversal vulnerabilities in certain ActiveX controls in WatchFire AppScan 7.0 allow remote malicious users to create or overwrite arbitrary files via a full pathname in the argument to the (1) CompactSave and (2) SaveSession method in one control, and the ...
Watchfire Appscan 7.0
1 EDB exploit
NA
CVE-2023-37537
An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local malicious user to gain elevated privileges.
Hcltech Appscan Presence
5.8
CVSSv2
CVE-2019-16188
HCL AppScan Source prior to 9.03.13 is susceptible to XML External Entity (XXE) attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppS...
Hcltech Appscan Source
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »