Every CVE whose affected-product data names Siemens Polarion Alm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2023-50236 — CVSS 7.8 (high): A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The affected product is vulnerable due to weak file and…
CVE-2024-23813 — CVSS 7.3 (high): A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The REST API endpoints of doorsconnector of the affected…
CVE-2024-51444 — CVSS 6.5 (medium): A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.4). The application…
CVE-2024-51446 — CVSS 6.5 (medium): A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.4). The file upload feature of…
CVE-2024-51445 — CVSS 6.5 (medium): A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.4). The affected application…
CVE-2021-44478 — CVSS 6.1 (medium): A vulnerability has been identified in Polarion ALM (All versions < V21 R2 P2), Polarion WebClient for SVN (All versions). A cross-site…
CVE-2023-28828 — CVSS 5.9 (medium): A vulnerability has been identified in Polarion ALM (All versions < V22R2). The application contains a XML External Entity Injection (XXE)…
CVE-2022-46265 — CVSS 5.4 (medium): A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The affected application contains a Host header injection…
CVE-2024-51447 — CVSS 5.3 (medium): A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.2). The login implementation of…