Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Smartbear Subscribe
Filtered by product Zephyr Enterprise
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-22891 1 Smartbear 1 Zephyr Enterprise 2023-03-16 N/A 8.1 HIGH
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.
CVE-2023-22890 1 Smartbear 1 Zephyr Enterprise 2023-03-14 N/A 7.5 HIGH
SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition.
CVE-2023-22892 1 Smartbear 1 Zephyr Enterprise 2023-03-14 N/A 7.5 HIGH
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
CVE-2023-22889 1 Smartbear 1 Zephyr Enterprise 2023-03-14 N/A 9.8 CRITICAL
SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users.