Eclipse Glassfish 代码注入漏洞

Eclipse Glassfish is an application server developed by the Eclipse Foundation. Eclipse Glassfish has a code injection vulnerability. This vulnerability stems from allowing users with panel access rights to send custom requests, thereby enabling them to execute arbitrary operating system commands...

EUVD-2023-0320

Malicious code in bioql PyPI...

EUVD-2024-2827

Malicious code in bioql PyPI...

EUVD-2024-54793

Malicious code in bioql PyPI...

EUVD-2024-54792

Malicious code in bioql PyPI...

EUVD-2024-54788

Malicious code in bioql PyPI...

EUVD-2023-2849

Malicious code in bioql PyPI...

EUVD-2024-54790

Malicious code in bioql PyPI...

EUVD-2024-54791

Malicious code in bioql PyPI...

EUVD-2024-54789

Malicious code in bioql PyPI...

EUVD-2024-2746

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-2712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'...

CVE-2024-10031

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site Scripting attacks by modifying the configuration file in the underlying operating system...

CVE-2024-9408

In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints...

CVE-2024-10032

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console...

CVE-2024-10029

In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scripting attacks in the Administration Console...

CVE-2024-9342

In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts...

CVE-2024-9343

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console...

GHSA-F7H5-C625-3795 Eclipse GlassFish is vulnerable to Server Side Request Forgery attacks through specific endpoints

In Eclipse GlassFish version 6.2.5, it is possible to perform a Server Side Request Forgery attack using specific endpoints...

Eclipse GlassFish is vulnerable to Server Side Request Forgery attacks through specific endpoints

In Eclipse GlassFish version 6.2.5, it is possible to perform a Server Side Request Forgery attack using specific endpoints...