Hp Loadrunner vulnerabilities

25 known vulnerabilities affecting hp/loadrunner.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL12HIGH10MEDIUM3

Vulnerabilities

Page 1 of 2

CVE-2017-8953MEDIUMCVSS 5.4≤ 12.532018-02-15

CVE-2017-8953 [MEDIUM] CWE-79 CVE-2017-8953: A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Perfo A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found.

nvd

CVE-2017-5789CRITICALCVSS 9.8≤ 12.532017-10-11

CVE-2017-5789 [CRITICAL] CWE-119 CVE-2017-5789: HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote att HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.

nvd

CVE-2016-4384HIGHCVSS 8.6≤ 12.022016-09-21

CVE-2016-4384 [HIGH] CVE-2016-4384: HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a de HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.

nvd

CVE-2016-4360CRITICALCVSS 9.1v11.52v12.00+3 more2016-06-08

CVE-2016-4360 [CRITICAL] CVE-2016-4360: web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 1 web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 d

nvd

CVE-2016-4359CRITICALCVSS 9.8v11.52v12.00+3 more2016-06-08

CVE-2016-4359 [CRITICAL] CWE-119 CVE-2016-4359: Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attack

nvd

CVE-2016-4361HIGHCVSS 7.5v11.52v12.00+3 more2016-06-08

CVE-2016-4361 [HIGH] CVE-2016-4361: HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through pa HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors.

nvd

CVE-2015-6857HIGHCVSS 7.2v11.52v12.00+3 more2015-11-26

CVE-2015-6857 [HIGH] CVE-2015-6857: Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.

nvd

CVE-2015-5426MEDIUMCVSS 4.6≤ 12.492015-09-16

CVE-2015-5426 [MEDIUM] CVE-2015-5426: Unspecified vulnerability in HP LoadRunner Controller before 12.50 allows local users to gain privil Unspecified vulnerability in HP LoadRunner Controller before 12.50 allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2756.

nvd

CVE-2015-2110CRITICALCVSS 10.0v11.522015-05-25

CVE-2015-2110 [CRITICAL] CWE-119 CVE-2015-2110: Buffer overflow in HP LoadRunner 11.52 allows remote attackers to execute arbitrary code via unspeci Buffer overflow in HP LoadRunner 11.52 allows remote attackers to execute arbitrary code via unspecified vectors.

nvd

CVE-2013-6213CRITICALCVSS 10.0≤ 11.52v11.0.0.0+2 more2014-04-19

CVE-2013-6213 [CRITICAL] CVE-2013-6213: Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows rem Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833.

nvd

CVE-2013-4838CRITICALCVSS 10.0≤ 11.51v9.0.0+5 more2013-11-04

CVE-2013-4838 [CRITICAL] CVE-2013-4838: Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote atta Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.

nvd

CVE-2013-4837CRITICALCVSS 10.0PoC≤ 11.51v9.0.0+5 more2013-11-04

CVE-2013-4837 [CRITICAL] CVE-2013-4837: Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote atta Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.

nvd

CVE-2013-4839HIGHCVSS 7.5≤ 11.51v9.0.0+5 more2013-11-04

CVE-2013-4839 [HIGH] CVE-2013-4839: Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote atta Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851.

nvd

CVE-2013-4800CRITICALCVSS 9.3PoC≤ 11.51v9.0.0+5 more2013-07-29

CVE-2013-4800 [CRITICAL] CVE-2013-4800: Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.

nvd

CVE-2013-4798CRITICALCVSS 10.0PoC≤ 11.51v9.0.0+5 more2013-07-29

CVE-2013-4798 [CRITICAL] CVE-2013-4798: Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705.

nvd

CVE-2013-4799HIGHCVSS 7.6≤ 11.51v9.0.0+5 more2013-07-29

CVE-2013-4799 [HIGH] CVE-2013-4799: Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1734.

nvd

CVE-2013-2370HIGHCVSS 7.5PoC≤ 11.51v9.0.0+5 more2013-07-29

CVE-2013-2370 [HIGH] CVE-2013-2370: Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1671.

nvd

CVE-2013-4797HIGHCVSS 7.5≤ 11.51v9.0.0+5 more2013-07-29

CVE-2013-4797 [HIGH] CVE-2013-4797: Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690.

nvd

CVE-2013-2369HIGHCVSS 7.5≤ 11.51v9.0.0+5 more2013-07-29

CVE-2013-2369 [HIGH] CVE-2013-2369: Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1670.

nvd

CVE-2013-4801HIGHCVSS 7.5≤ 11.51v9.0.0+5 more2013-07-29

CVE-2013-4801 [HIGH] CVE-2013-4801: Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1736.

nvd

1 / 2Next →