Filtered by vendor Perforce
Subscriptions
Total
28 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8067 | 1 Perforce | 1 Helix Core | 2024-11-21 | 9.4 Critical |
| In versions of Helix Core prior to 2024.1 Patch 2 (2024.1/2655224) a Windows ANSI API Unicode "best fit" argument injection was identified. | ||||
| CVE-2024-10314 | 1 Perforce | 1 Helix Core | 2024-11-12 | N/A |
| In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the auto-generation function was identified. Reported by Karol Więsek. | ||||
| CVE-2024-10345 | 1 Perforce | 1 Helix Core | 2024-11-12 | N/A |
| In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Więsek. | ||||
| CVE-2023-35767 | 1 Perforce | 1 Helix Core | 2024-11-11 | 7.5 High |
| In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Jason Geffner. | ||||
| CVE-2023-5759 | 1 Perforce | 1 Helix Core | 2024-11-11 | 7.5 High |
| In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. Reported by Jason Geffner. | ||||
| CVE-2023-45319 | 1 Perforce | 1 Helix Core | 2024-11-11 | 7.5 High |
| In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the commit function was identified. Reported by Jason Geffner. | ||||
| CVE-2024-5250 | 1 Perforce | 1 Akana Api | 2024-10-01 | 3.5 Low |
| In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations | ||||
| CVE-2024-5249 | 1 Perforce | 1 Akana Api | 2024-10-01 | 5.4 Medium |
| In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed. | ||||
| CVE-2024-3930 | 1 Perforce | 1 Akana Api | 2024-09-30 | 6.3 Medium |
| In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE) was discovered. | ||||
| CVE-2010-0933 | 1 Perforce | 1 Perforce Server | 2024-09-17 | N/A |
| Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. (dot dot) in the argument to the "p4 add" command. | ||||
| CVE-2010-0930 | 1 Perforce | 1 Perforce Server | 2024-09-17 | N/A |
| The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (infinite loop) via crafted data that includes a byte sequence of 0xdc, 0xff, 0xff, and 0xff immediately before the client protocol version number. | ||||
| CVE-2010-0932 | 1 Perforce | 1 Perforce Server | 2024-09-17 | N/A |
| The FTP server in Perforce Server 2008.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a certain MKD command. | ||||
| CVE-2010-0931 | 1 Perforce | 1 Perforce Server | 2024-09-17 | N/A |
| The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (daemon crash) via crafted data, possibly involving a large sndbuf value. | ||||
| CVE-2022-2394 | 1 Perforce | 1 Puppet Bolt | 2024-09-16 | 4.1 Medium |
| Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise. | ||||
| CVE-2010-0934 | 1 Perforce | 1 Perforce Server | 2024-09-16 | N/A |
| The triggers functionality in Perforce Server 2008.1 allows remote authenticated users with super privileges to execute arbitrary operating-system commands by using a "p4 client" command in conjunction with the form-in trigger script. | ||||
| CVE-2010-0929 | 1 Perforce | 1 Perforce Server | 2024-09-16 | N/A |
| The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial of service (daemon crash) via crafted data beginning with a byte sequence of 0x4c, 0xb3, 0xff, 0xff, and 0xff. | ||||
| CVE-2010-0935 | 1 Perforce | 1 Perforce Server | 2024-09-16 | N/A |
| Perforce Server 2009.2 and earlier, when the protection table is empty, allows remote authenticated users to obtain super privileges via a "p4 protect" command. | ||||
| CVE-2018-1000147 | 1 Perforce | 1 Perforce | 2024-09-16 | N/A |
| An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them | ||||
| CVE-2007-6349 | 1 Perforce | 1 P4web | 2024-08-07 | N/A |
| P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with an empty body and a Content-Length greater than 0. | ||||
| CVE-2007-0100 | 1 Perforce | 1 Perforce Client | 2024-08-07 | N/A |
| The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows remote attackers to overwrite arbitrary files by modifying the client config file on the server, or by operating a malicious server. | ||||