U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:hp:loadrunner:11.50:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 17 matching records.
Displaying matches 1 through 17.
Vuln ID Summary CVSS Severity
CVE-2017-8953

A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found.

Published: February 15, 2018; 5:29:08 PM -0500 		V3.0: 5.4 MEDIUM
 V2.0: 3.5 LOW
CVE-2017-5789

HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.

Published: October 11, 2017; 5:29:00 PM -0400 		V3.0: 9.8 CRITICAL
 V2.0: 7.5 HIGH
CVE-2015-5426

Unspecified vulnerability in HP LoadRunner Controller before 12.50 allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2756.

Published: September 15, 2015; 10:00:07 PM -0400 		V3.x:(not available)
 V2.0: 4.6 MEDIUM
CVE-2013-6213

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833.

Published: April 19, 2014; 12:49:24 AM -0400 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2013-4839

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851.

Published: November 04, 2013; 11:55:04 AM -0500 		V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-2013-4838

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.

Published: November 04, 2013; 11:55:04 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2013-4837

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.

Published: November 04, 2013; 11:55:04 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2013-4801

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1736.

Published: July 29, 2013; 9:59:14 AM -0400 		V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-2013-4800

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.

Published: July 29, 2013; 9:59:14 AM -0400 		V3.x:(not available)
 V2.0: 9.3 HIGH
CVE-2013-4799

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1734.

Published: July 29, 2013; 9:59:14 AM -0400 		V3.x:(not available)
 V2.0: 7.6 HIGH
CVE-2013-4798

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705.

Published: July 29, 2013; 9:59:14 AM -0400 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2013-4797

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690.

Published: July 29, 2013; 9:59:14 AM -0400 		V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-2013-2370

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1671.

Published: July 29, 2013; 9:59:14 AM -0400 		V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-2013-2369

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1670.

Published: July 29, 2013; 9:59:14 AM -0400 		V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-2013-2368

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to cause a denial of service via unknown vectors, aka ZDI-CAN-1669.

Published: July 29, 2013; 9:59:14 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-2011-2328

Buffer overflow in HP LoadRunner allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a .usr (aka Virtual User script) file with long directives.

Published: June 02, 2011; 4:55:03 PM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2007-6530

Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function.

Published: December 27, 2007; 5:46:00 PM -0500 		V3.x:(not available)
 V2.0: 9.3 HIGH