Vulnerabilities > Portswigger
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-08 | CVE-2022-35406 | Open Redirect vulnerability in Portswigger Burp Suite A URL disclosure issue was discovered in Burp Suite before 2022.6. | 4.3 |
| 2021-11-30 | CVE-2021-44230 | Incorrect Permission Assignment for Critical Resource vulnerability in Portswigger Burp Suite PortSwigger Burp Suite Enterprise Edition before 2021.11 on Windows has weak file permissions for the embedded H2 database, which might lead to privilege escalation. | 6.5 |
| 2021-03-29 | CVE-2021-29416 | Unspecified vulnerability in Portswigger Burp Suite An issue was discovered in PortSwigger Burp Suite before 2021.2. | 6.5 |
| 2018-06-18 | CVE-2018-1153 | Improper Certificate Validation vulnerability in Portswigger Burp Suite 1.7.32/1.7.33 Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a couple of HTTPS requests which allows a man in the middle to modify or view traffic. | 7.4 |
| 2018-06-17 | CVE-2018-10377 | Improper Certificate Validation vulnerability in Portswigger Burp Suite PortSwigger Burp Suite before 1.7.34 has Improper Certificate Validation of the Collaborator server certificate, which might allow man-in-the-middle attackers to obtain interaction data. | 5.9 |