Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
smartbear vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2021-21363
swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix like systems, the syste...
Smartbear Swagger-codegen
6.1
CVSSv3
CVE-2021-46708
The swagger-ui-dist package prior to 4.1.3 for Node.js could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actio...
Smartbear Swagger-ui-dist
6.1
CVSSv3
CVE-2021-41657
SmartBear CodeCollaborator v6.1.6102 exists to contain a vulnerability in the web UI which would allow an malicious user to conduct a clickjacking attack.
Smartbear Collaborator 6.1.6102
6.1
CVSSv3
CVE-2016-1000229
swagger-ui has XSS in key names
Smartbear Swagger-ui -
Redhat Jboss Fuse 6.3
Redhat Openshift 2.0
6.1
CVSSv3
CVE-2016-5682
Swagger-UI prior to 2.2.1 has XSS via the Default field in the Definitions section.
Smartbear Swagger-ui
5.5
CVSSv3
CVE-2021-21364
swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix-Like systems, the syste...
Smartbear Swagger-codegen
5.3
CVSSv3
CVE-2024-22207
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. before 2.1.0, the default configuration of `@fastify/swagger-ui` without `baseDir` set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fix...
Smartbear Swagger Ui
4.3
CVSSv3
CVE-2018-25031
Swagger UI prior to 4.1.3 could allow a remote malicious user to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
Smartbear Swagger Ui
9 Github repositories
NA
CVE-2014-1202
The WSDL/WADL import functionality in SoapUI prior to 4.6.4 allows remote malicious users to execute arbitrary Java code via a crafted request parameter in a WSDL file.
Smartbear Soapui
Smartbear Soapui 4.6.2
Smartbear Soapui 4.0
Eviware Soapui 3.5.1
Eviware Soapui 3.5
Smartbear Soapui 4.5.1
Smartbear Soapui 4.5
Eviware Soapui 3.0.1
Eviware Soapui 2.5.1
Smartbear Soapui 4.0.1
Eviware Soapui 3.6.1
Eviware Soapui 3.6
Smartbear Soapui 4.6.1
Smartbear Soapui 4.6.0
Smartbear Soapui 4.5.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2