Lucene search
K

297 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:28 p.m.3 views

Malicious code in CData.Snowflake.API (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSV
OSV
added 2024/06/25 1:28 p.m.4 views

MAL-2024-4438 Malicious code in CData.Snowflake.API (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:28 p.m.5 views

Malicious code in CData.NetSuite.Net.Framework (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
GithubExploit
GithubExploit
added 2024/05/07 10:42 a.m.430 views

Exploit for CVE-2024-31848

Exploiting CData within Jetty servers - CVE-2024-31848/49/50/5...

9.8CVSS7AI score0.08151EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2024/04/19 12:0 a.m.6 views

The vulnerability in the embedded Jetty server of the CData Connect integration, analysis, and data management platform allows attackers to escalate their privileges.

The vulnerability of the embedded Jetty server in the CData Connect integration, analysis, and data management platform is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow a malicious actor to increase their privileges by sending specially...

10CVSS5.4AI score0.06076EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/19 12:0 a.m.7 views

The vulnerability in the embedded Jetty server of the CData Sync integration and replication tool allows a perpetrator to gain unauthorized access to protected information and perform arbitrary actions within the system.

The vulnerability in the embedded Jetty server of the CData Sync integration and replication tool is related to errors in processing the relative path to the directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected...

9CVSS5.6AI score0.02885EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/19 12:0 a.m.6 views

The vulnerability in the embedded Jetty server of the CData Arc (ArcESB) business process automation platform allows a perpetrator to gain unauthorized access to protected information and perform arbitrary actions within the system.

The vulnerability of the embedded Jetty server in the CData Arc ArcESB business process automation platform is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

9CVSS5.6AI score0.03037EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2024/04/05 6:15 p.m.24 views

CVE-2024-31850

A path traversal vulnerability exists in the Java version of CData Arc 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...

8.6CVSS8.6AI score0.03037EPSS
Exploits0References1
NVD
NVD
added 2024/04/05 6:15 p.m.17 views

CVE-2024-31849

A path traversal vulnerability exists in the Java version of CData Connect 23.4.8846 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application...

9.8CVSS9.7AI score0.06076EPSS
Exploits0References1
NVD
NVD
added 2024/04/05 6:15 p.m.24 views

CVE-2024-31851

A path traversal vulnerability exists in the Java version of CData Sync 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...

8.6CVSS8.6AI score0.02885EPSS
Exploits0References1
NVD
NVD
added 2024/04/05 6:15 p.m.28 views

CVE-2024-31848

A path traversal vulnerability exists in the Java version of CData API Server 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application...

9.8CVSS9.6AI score0.08151EPSS
Exploits1References1
CVE
CVE
added 2024/04/05 5:43 p.m.77 views

CVE-2024-31851

CVE-2024-31851 – Path traversal in CData Sync (Java, embedded Jetty) Affected software: CData Sync Java edition prior to 23.4.8843 running with the embedded Jetty server. Vulnerability: Path traversal vulnerability allowing an unauthenticated remote attacker to access sensitive information and pe...

8.6CVSS6.8AI score0.02885EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/05 5:43 p.m.22 views

CVE-2024-31851

A path traversal vulnerability exists in the Java version of CData Sync 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...

8.6CVSS8.8AI score0.02885EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/05 5:43 p.m.14 views

CVE-2024-31851

A path traversal vulnerability exists in the Java version of CData Sync 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...

8.6CVSS6.9AI score0.02885EPSS
Exploits0References1
CVE
CVE
added 2024/04/05 5:42 p.m.84 views

CVE-2024-31850

CVE-2024-31850 affects CData Arc prior to 23.4.8839 (Java version) running with embedded Jetty. A path traversal flaw can let an unauthenticated remote attacker access sensitive information and perform limited actions via crafted HTTP requests. Root cause described as errors in handling relative ...

8.6CVSS6.8AI score0.03037EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/05 5:42 p.m.13 views

CVE-2024-31850

A path traversal vulnerability exists in the Java version of CData Arc 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...

8.6CVSS6.9AI score0.03037EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/05 5:42 p.m.30 views

CVE-2024-31850

A path traversal vulnerability exists in the Java version of CData Arc 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...

8.6CVSS9.2AI score0.03037EPSS
Exploits0References1
CVE
CVE
added 2024/04/05 5:40 p.m.76 views

CVE-2024-31849

CVE-2024-31849 – Path traversal in CData Connect (Java)" Affected: CData Connect Java versions prior to 23.4.8846 when using the embedded Jetty server. Vulnerability: Path traversal could let an unauthenticated remote attacker gain complete administrative access to the application. Impact: High —...

9.8CVSS7.2AI score0.06076EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/05 5:40 p.m.24 views

CVE-2024-31849

A path traversal vulnerability exists in the Java version of CData Connect 23.4.8846 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application...

9.8CVSS9.8AI score0.06076EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/05 5:40 p.m.13 views

CVE-2024-31849

A path traversal vulnerability exists in the Java version of CData Connect 23.4.8846 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application...

9.8CVSS7.3AI score0.06076EPSS
Exploits0References1
Rows per page
Query Builder