Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

39 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 10:49 a.m.3 views

CVE-2022-37679

Miniblog.Core v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the component /blog/edit. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Excerpt field...

4.8CVSS6.1AI score0.00239EPSS
Exploits1References1
EUVD
EUVDadded 2025/11/04 1:16 a.m.1 views

EUVD-2025-37679

This issue was addressed with improved checks This issue is fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS6AI score0.00071EPSS
Exploits0References6
OSV
OSVadded 2025/08/14 6:52 p.m.1 views

MAL-2025-37679 Malicious code in umbrella-conifer-vgl2 (npm)

The package umbrella-conifer-vgl2 was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 9:30 a.m.7 views

CVE-2024-37679

Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter...

6.1CVSS7.3AI score0.00372EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 2:11 a.m.8 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

9.8CVSS7.9AI score0.94416EPSS
Exploits22References1
RedhatCVE
RedhatCVEadded 2025/02/06 4:49 a.m.5 views

CVE-2021-37679

TensorFlow is an end-to-end open source platform for machine learning. In affected versions it is possible to nest a tf.mapfn within another tf.mapfn call. However, if the input tensor is a RaggedTensor and there is no function signature provided, code assumes the output is a fully specified tens...

7.8CVSS6.8AI score0.00032EPSS
Exploits0References1
NVD
NVDadded 2024/06/24 7:15 p.m.20 views

CVE-2024-37679

Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter...

6.1CVSS0.00372EPSS
Exploits1References1
GithubExploit
GithubExploitadded 2024/03/17 8:44 a.m.246 views

Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect

RCE vulnerability in Mirth Connect CVE-2023-37679 and CVE-202...

9.8CVSS9.7AI score0.94416EPSS
Exploits22
0day.today
0day.todayadded 2024/01/31 12:0 a.m.515 views

Mirth Connect 4.4.0 Remote Command Execution Exploit

A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and...

9.8CVSS7.3AI score0.94416EPSS
Exploits22
Packet Storm
Packet Stormadded 2024/01/31 12:0 a.m.528 views

Mirth Connect 4.4.0 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mirth Connect Deserialization RCE', 'Description' = %q A vulnerability exists within Mirth Connect due to its mishandling of deserialized data...

9.8CVSS7.4AI score0.94416EPSS
Exploits22
Metasploit
Metasploitadded 2024/01/30 7:51 p.m.558 views

Mirth Connect Deserialization RCE

A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and...

9.8CVSS9.5AI score0.94416EPSS
Exploits22
Tenable Nessus
Tenable Nessusadded 2023/10/27 12:0 a.m.63 views

NextGen Mirth Connect < 4.4.0 RCE (CVE-2023-37679)

According to its self-reported version, the instance of NextGen Mirth Connect running on the remote web server is 4.4.0. It is, therefore, affected by a remote code execution vulnerability that could allow a remote attacker to bypass authentication and execute arbitrary commands. Note that Nessus...

9.8CVSS9.7AI score0.93443EPSS
Exploits12References2
Circl
Circladded 2023/10/26 8:16 p.m.11 views

CVE-2023-37679

creationtimestamp| type| source ---|---|--- 2023-10-26 20:16:00+00:00| seen| https://t.me/cibsecurity/72981 2023-12-11 01:22:38+00:00| seen| https://t.me/arpsyndicate/1685 2024-01-30 16:05:09+00:00| seen|...

9.8CVSS8.1AI score0.93443EPSS
In wildExploits12References4
OSV
OSVadded 2023/10/26 5:15 p.m.31 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

9.8CVSS8.1AI score0.94416EPSS
Exploits21References3
Prion
Prionadded 2023/10/26 5:15 p.m.42 views

Remote code execution

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

7.5CVSS9.8AI score0.94416EPSS
Exploits22References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2023/10/26 12:0 a.m.42 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679. Recent assessments: ccondon-r7 at January 27, 2024 7:41pm UTC reported: Knocking down attacker value a bi...

9.8CVSS9.8AI score0.94416EPSS
In wildExploits22References3
Cvelist
Cvelistadded 2023/10/26 12:0 a.m.26 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

10AI score0.94416EPSS
Exploits21References2
OSV
OSVadded 2023/08/03 3:15 a.m.32 views

CVE-2023-37679

A remote command execution RCE vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server...

9.8CVSS8.2AI score
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2023/08/03 3:15 a.m.4 views

CVE-2023-37679

A remote command execution RCE vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server...

9.8CVSS8.1AI score0.93443EPSS
Exploits12References7
CVE
CVEadded 2023/08/03 12:0 a.m.187 views

CVE-2023-37679

CVE-2023-37679 / CVE-2023-43208 (NextGen HealthCare Mirth Connect) : Open-source data integration platform vulnerable to unauthenticated remote code execution due to improper/deserialization handling. Affects Mirth Connect versions prior to 4.4.1 (PoCs and advisories reference vulnerable ranges i...

9.8CVSS9.7AI score0.93443EPSS
In wildExploits12References4Affected Software1
Rows per page
Query Builder