Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
914045.0%CRITICAL

Related CVEs

14
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-14591In Delphix Continuous Compliance version 2025.3.0 and later, following a recent bug fix to correctly handle CR+LF (Windows and DOS) End-of-Record (EOR) characters in delimited files, an issue was identified: using an incorrect EOR configuration can cause inaccurate parsing and leave personally identifiable information (PII) unmasked.MEDIUM5.314.9%Dec 20, 2025
CVE-2024-5250In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrationsMEDIUM5.320.5%Jul 30, 2024
CVE-2024-5249In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.HIGH7.512.3%Jul 30, 2024
CVE-2024-3930In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE) was discovered.CRITICAL9.823.0%Jul 30, 2024
CVE-2024-0325In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by Bryan Riggins.   HIGH7.850.4%Feb 1, 2024
CVE-2023-5759In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. Reported by Jason Geffner.   HIGH7.556.7%Nov 8, 2023
CVE-2023-45849An arbitrary code execution which results in privilege escalation was discovered in Helix Core versions prior to 2023.2. Reported by Jason Geffner. CRITICAL9.861.9%Nov 8, 2023
CVE-2023-45319In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the commit function was identified. Reported by Jason Geffner.  HIGH7.556.6%Nov 8, 2023
CVE-2023-35767In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Jason Geffner.   HIGH7.556.7%Nov 8, 2023
CVE-2022-2394Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise.LOW3.5Jul 19, 2022
CVE-2021-28973The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks.MEDIUM4.9Apr 13, 2021
CVE-2013-1410Perforce P4web 2011.1 and 2012.1 has multiple XSS vulnerabilitiesMEDIUM6.171.1%Feb 12, 2020
CVE-2018-1000147An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain themNONEApr 5, 2018
CVE-2015-8965Rogue Wave JViews before 8.8 patch 21 and 8.9 before patch 1 allows remote attackers to execute arbitrary Java code that exists in the classpath, such as test code or administration code. The issue exists because the ilog.views.faces.IlvFacesController servlet in jviews-framework-all.jar does not require explicit configuration of servlets that can be called.CRITICAL9.8Apr 6, 2017