Lucene search
K

90 matches found

CVE
CVE
added 2024/04/22 2:7 p.m.74 views

CVE-2024-27347

CVE-2024-27347 is an SSRF vulnerability in Apache HugeGraph-Hubble. Affected software: HugeGraph-Hubble versions 1.0.0 through 1.2.x (vulnerability exists prior to 1.3.0). Root cause described across sources as an SSRF issue; exact internal vector is not detailed in the provided documents. Impact...

5.3CVSS5.2AI score0.00995EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/22 2:7 p.m.14 views

CVE-2024-27347 Apache HugeGraph-Hubble: SSRF in Hubble connection page

Server-Side Request Forgery SSRF vulnerability in Apache HugeGraph-Hubble.This issue affects Apache HugeGraph-Hubble: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

5.2AI score0.00995EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/22 2:7 p.m.21 views

CVE-2024-27347 Apache HugeGraph-Hubble: SSRF in Hubble connection page

Server-Side Request Forgery SSRF vulnerability in Apache HugeGraph-Hubble.This issue affects Apache HugeGraph-Hubble: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

6.8AI score0.00995EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/22 12:0 a.m.1 views

Apache HugeGraph 安全漏洞

Apache HugeGraph is a fast and scalable graph database from the Apache USA Foundation. A command execution vulnerability exists in Apache HugeGraph-Server, which can be exploited by an attacker to execute arbitrary commands on a system...

9.8CVSS7.7AI score0.9921EPSS
Exploits11References6
CNNVD
CNNVD
added 2024/04/22 12:0 a.m.5 views

Apache HugeGraph 代码问题漏洞

Apache HugeGraph is a fast and scalable graph database from the Apache USA Foundation. Apache HugeGraph-Hubble suffers from a server-side request forgery vulnerability that can be exploited by an attacker to conduct SSRF attacks through the use of specially crafted parameters...

5.3CVSS6.8AI score0.00995EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2024/04/22 12:0 a.m.19 views

CVE-2024-27348

RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue. Recent assessments: jheysel-r7...

9.8CVSS8.2AI score0.9921EPSS
In wildExploits11References5
CNNVD
CNNVD
added 2024/04/22 12:0 a.m.4 views

Apache HugeGraph 安全漏洞

Apache HugeGraph-Server is the United States Apache Apache Foundation of a fast, scalable graph database. A security bypass vulnerability exists in Apache HugeGraph-Server, which can be exploited by an attacker to bypass whitelisting by sending specially crafted requests in authentication mode...

9.1CVSS7AI score0.01024EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.8 views

PT-2024-21839 · Apache · Apache Hugegraph-Server

Name of the Vulnerable Software and Affected Versions: Apache HugeGraph-Server versions 1.0.0 through 1.2.x Description: The issue is related to an Authentication Bypass by Spoofing. Users are recommended to upgrade to a newer version to fix the issue. Recommendations: For Apache HugeGraph-Server...

9.1CVSS7.2AI score0.01024EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.13 views

PT-2024-21838 · Apache · Apache Hugegraph-Hubble

Name of the Vulnerable Software and Affected Versions: Apache HugeGraph-Hubble versions 1.0.0 through 1.2.x Description: A Server-Side Request Forgery SSRF issue affects the software, allowing unauthorized access to internal resources. Users are advised to upgrade to a fixed version to resolve th...

5.3CVSS7.3AI score0.00995EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.5 views

PT-2024-4007

Name of the Vulnerable Software and Affected Versions: Apache HugeGraph-Server versions 1.0.0 through 1.3.0 Description: The issue affects Apache HugeGraph-Server, allowing unauthenticated remote code execution and server takeover. This flaw can be exploited by attackers to bypass sandbox...

9.8CVSS10AI score0.9921EPSS
Exploits11References78
Rows per page
Query Builder