VYPR

Application LifeCycle Management

by Microfocus

CVEs (8)

  • CVE-2013-4810CriKEVSep 16, 2013
    risk 0.85cvss 9.8epss 0.79

    HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE:…

  • CVE-2023-32266MedOct 16, 2024
    risk 0.34cvss epss 0.00

    Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM),Quality Center allows Code Inclusion. The vulnerability allows a user to archive a malicious DLLs on the system prior to the installation.   This issue affects Application Lifecycle…

  • CVE-2011-4834Dec 15, 2011
    risk 0.03cvss epss 0.01

    The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt.

  • CVE-2021-22498Jan 19, 2021
    risk 0.00cvss epss 0.01

    XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited…

  • CVE-2014-2631Aug 12, 2014
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in HP Application Lifecycle Management (aka Quality Center) 11.5x and 12.0x allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2138.

  • CVE-2013-4836Nov 4, 2013
    risk 0.00cvss epss 0.06

    Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759.

  • CVE-2013-4834Nov 4, 2013
    risk 0.00cvss epss 0.06

    Unspecified vulnerability in the client component in HP Application LifeCycle Management (ALM) before 11 p11 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1327.

  • CVE-2013-4802Jul 29, 2013
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ZDI-CAN-1565.