45 matches found
OESA-2026-2646 assimp security update
Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was detected in Assi...
CVE-2025-10199
A local privilege escalation vulnerability exists in Sunshine for Windows version v2025.122.141614 and likely prior versions due to an unquoted service path...
CVE-2020-10199
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection issue 1 of 2...
CVE-2025-10199
creationtimestamp| type| source ---|---|--- 2025-04-14 02:55:03+00:00| seen| https://bsky.app/profile/intelrob.bsky.social/post/3lmqkqvdgqs2y...
Linux Distros Unpatched Vulnerability : CVE-2016-10199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The qtdemuxtagaddstrfull function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service...
CVE-2024-10199
creationtimestamp| type| source ---|---|--- 2024-10-21 05:08:02+00:00| seen| https://t.me/cvedetector/8446...
CVE-2024-10199 code-projects Pharmacy Management System Manage Medicines Page manage_medicine.php cross site scripting
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /managemedicine.php of the component Manage Medicines Page. The manipulation of the argument...
CVE-2024-10199 code-projects Pharmacy Management System Manage Medicines Page manage_medicine.php cross site scripting
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /managemedicine.php of the component Manage Medicines Page. The manipulation of the argument...
RHEL 6 : mingw-virt-viewer (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer-plugins-bad-free: Invalid memory read in gstpsdemuxparsepsm CVE-2017-5848 - The...
Sonatype Nexus Repository Manager 3.x < 3.21.2 RCE
The Sonatype Nexus Repository Manager server application running on the remote host is version 3.x prior to 3.21.2. It is, therefore, affected by a remote code execution vulnerability, which allows for an attacker with any type of account on NXRM to execute arbitrary code by crafting a malicious...
VulnCheck KEV: CVE-2020-10199
Sonatype Nexus Repository contains an unspecified vulnerability that allows for remote code execution...
SUSE: Security Advisory (SUSE-SU-2017:1010-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Sonatype Nexus 3.21.1 Remote Code Execution
Exploit Title: Sonatype Nexus 3.21.1 - Remote Code Execution Authenticated Exploit Author: 1F98D Original Author: Alvaro Muñoz Date: 27 May 2020 Vendor Hompage: https://www.sonatype.com/ CVE: CVE-2020-10199 Tested on: Windows 10 x64 References:...
Important: Red Hat Security Advisory: Red Hat support for Spring Boot 2.1.12 security and bug fix update
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Exploit for Expression Language Injection in Sonatype Nexus
Nexus Repository Manager 3 Vuln 影响版本:= 3.21.2 CVE-2020-10199、CVE-2020-10204、CVE-2020-11444 CVE-2020-10199 远程代码命令执行 回显poc 不回显poc $\A''.getClass.forName'java.lang.Runtime'.getMethods6.invokenull.exec'touch /tmp/cve-2020-10199' 普通用户权限 /service/rest/beta/repositories/go/group 需要管理员权限 1...
Sonatype Nexus Repository Manager Remote Code Execution (CVE-2020-10199)
A remote code execution vulnerability exists in Sonatype Nexus Repository Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Nexus Repository Manager - Java EL Injection RCE (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nexus Repository Manager Java EL Injection RCE', 'Description' = %q This module exploits a Java Expression Language EL injection in Nexus...
Exploit for Expression Language Injection in Sonatype Nexus
PoC exploit for CVE-2020-10199, a remote code execution vulnerab...
CVE-2020-10199
creationtimestamp| type| source ---|---|--- 2020-04-16 00:38:18+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/nexusrepomanagerelinjection.rb 2020-04-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48343 2021-01-06...
Nexus Repository Manager 3.21.1-01 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nexus Repository Manager Java EL Injection RCE', 'Description' = %q This module exploits a Java Expression Language EL injection in Nexus...