Latest CVE Reports

CVE Description

CVE

SmartBear Zephyr Enterprise  through 7.15.0 mishandles user-defined input during  report generation. This could lead to remote code execution by unauthenticated users.

CVE-2023-22889

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22889

 SmartBear Zephyr Enterprise  through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition.

CVE-2023-22890

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22890

There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.

CVE-2023-22891

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22891

There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.

CVE-2023-22892

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22892

Close