Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-4810 | 1 Hp | 3 Application Lifecycle Management, Identity Driven Manager, Procurve Manager | 2024-07-16 | 10.0 HIGH | 9.8 CRITICAL |
HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874. | |||||
CVE-2014-2631 | 1 Hp | 1 Application Lifecycle Management | 2024-02-04 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in HP Application Lifecycle Management (aka Quality Center) 11.5x and 12.0x allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2138. | |||||
CVE-2013-4834 | 1 Hp | 1 Application Lifecycle Management | 2024-02-04 | 7.5 HIGH | N/A |
Unspecified vulnerability in the client component in HP Application LifeCycle Management (ALM) before 11 p11 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1327. | |||||
CVE-2013-4802 | 1 Hp | 1 Application Lifecycle Management | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ZDI-CAN-1565. | |||||
CVE-2013-4836 | 1 Hp | 2 Alm Synchronizer, Application Lifecycle Management | 2024-02-04 | 7.5 HIGH | N/A |
Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759. |