Vulnerabilities > Perforce > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-30 | CVE-2024-5249 | Authentication Bypass by Capture-replay vulnerability in Perforce Akana API In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed. | 7.5 |
| 2024-02-01 | CVE-2024-0325 | Command Injection vulnerability in Perforce Helix Sync In Helix Sync versions prior to 2024.1, a local command injection was identified. | 7.8 |
| 2023-11-08 | CVE-2023-35767 | Resource Exhaustion vulnerability in Perforce Helix Core In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. | 7.5 |
| 2023-11-08 | CVE-2023-45319 | Unspecified vulnerability in Perforce Helix Core In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the commit function was identified. | 7.5 |
| 2023-11-08 | CVE-2023-5759 | Unspecified vulnerability in Perforce Helix Core In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. | 7.5 |
| 2017-04-06 | CVE-2015-8965 | Permissions, Privileges, and Access Controls vulnerability in multiple products Rogue Wave JViews before 8.8 patch 21 and 8.9 before patch 1 allows remote attackers to execute arbitrary Java code that exists in the classpath, such as test code or administration code. | 7.5 |
| 2010-03-05 | CVE-2010-0934 | OS Command Injection vulnerability in Perforce Server 2008.1 The triggers functionality in Perforce Server 2008.1 allows remote authenticated users with super privileges to execute arbitrary operating-system commands by using a "p4 client" command in conjunction with the form-in trigger script. | 7.1 |
| 2008-03-14 | CVE-2008-1338 | Numeric Errors vulnerability in Perforce Server The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a server-DiffFile command with an integer value within a certain range, which causes a loop until all memory is exhausted. | 7.8 |
| 2007-12-20 | CVE-2007-6349 | Resource Management Errors vulnerability in Perforce P4Web 2006.1/2006.2 P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with an empty body and a Content-Length greater than 0. | 7.8 |