cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-4184,https://securityvulnerability.io/vulnerability/CVE-2024-4184,DTD Injection Vulnerability in OpenText Application Automation Tools,"The vulnerability in OpenText Application Automation Tools arises from an improper restriction of XML External Entity (XXE) references. This flaw enables an attacker to exploit the application by injecting a Document Type Definition (DTD), which may lead to unauthorized access to sensitive information or manipulation of the application's data. Affected versions include OpenText Application Automation Tools 24.1.0 and earlier, highlighting the critical need for immediate remediation to safeguard against potential exploits.",OpenText,Application Automation Tools,8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-10-16T17:15:00.000Z,0
CVE-2024-4211,https://securityvulnerability.io/vulnerability/CVE-2024-4211,Invalid Permission Checks in ALM Job Configuration Could Allow Access to Sensitive Data,"Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels.


Multiple missing permission checks - ALM job config has been discovered in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate ALM server names, usernames and client IDs configured to be used with ALM servers.


This issue affects OpenText Application Automation Tools: 24.1.0 and below.",OpenText,Application Automation Tools,2.4,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-10-16T17:15:00.000Z,0
CVE-2024-4692,https://securityvulnerability.io/vulnerability/CVE-2024-4692,Incorrect Access Control Security Levels Allow for Unauthorized Data Access,"Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels.


Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate Service Virtualization server names.

This issue affects OpenText Application Automation Tools: 24.1.0 and below.",OpenText,Application Automation Tools,2.4,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-10-16T17:15:00.000Z,0