Eclipse Glassfish 代码注入漏洞

Eclipse Glassfish is an application server developed by the Eclipse Foundation. Eclipse Glassfish has a code injection vulnerability. This vulnerability stems from allowing users with panel access rights to send custom requests, thereby enabling them to execute arbitrary operating system commands...

EUVD-2024-54790

Malicious code in bioql PyPI...

EUVD-2024-54793

Malicious code in bioql PyPI...

EUVD-2024-54789

Malicious code in bioql PyPI...

EUVD-2024-2746

Malicious code in bioql PyPI...

EUVD-2023-0320

Malicious code in bioql PyPI...

EUVD-2024-2827

Malicious code in bioql PyPI...

EUVD-2024-54791

Malicious code in bioql PyPI...

EUVD-2023-2849

Malicious code in bioql PyPI...

EUVD-2024-54792

Malicious code in bioql PyPI...

EUVD-2024-54788

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-2712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'...

CVE-2024-10032

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console...

CVE-2024-10031

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site Scripting attacks by modifying the configuration file in the underlying operating system...

CVE-2024-9408

In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints...

CVE-2024-9342

In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts...

CVE-2024-10029

In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scripting attacks in the Administration Console...

CVE-2024-9343

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console...

Eclipse GlassFish is vulnerable to Server Side Request Forgery attacks through specific endpoints

In Eclipse GlassFish version 6.2.5, it is possible to perform a Server Side Request Forgery attack using specific endpoints...

GHSA-F7H5-C625-3795 Eclipse GlassFish is vulnerable to Server Side Request Forgery attacks through specific endpoints

In Eclipse GlassFish version 6.2.5, it is possible to perform a Server Side Request Forgery attack using specific endpoints...