Vulnerabilities (CVE)

Filtered by vendor Smartbear Subscribe
Filtered by product Readyapi
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-12835 1 Smartbear 1 Readyapi 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to unsafe use of an Java RMI based protocol in an unsafe configuration, an attacker can inject malicious serialized objects into the communication, resulting in remote code execution in the context of a client-side Network Licensing Protocol component.
CVE-2019-12180 1 Smartbear 2 Readyapi, Soapui 2023-12-10 9.3 HIGH 7.8 HIGH
An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When opening a project, the Groovy "Load Script" is automatically executed. This allows an attacker to execute arbitrary Groovy Language code (Java scripting language) on the victim machine by inducing it to open a malicious Project. The same issue is present in the "Save Script" function, which is executed automatically when saving a project.
CVE-2018-20580 1 Smartbear 1 Readyapi 2023-12-10 9.3 HIGH 8.8 HIGH
The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.