CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2026/01/15 12:31 a.m.•1 views

EUVD-2026-2665

A reflected cross-site scripting vulnerability exists in Nexus Repository 3 that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser through a specially crafted request requiring user interaction...

5.1CVSS6.1AI score0.0029EPSS

Exploits0References3

Vulnrichment•added 2026/01/14 10:29 p.m.•2 views

CVE-2026-0600 Nexus Repository 3 - Server-Side Request Forgery in Proxy Repository Configuration

Server-Side Request Forgery SSRF vulnerability in Sonatype Nexus Repository 3 versions 3.0.0 and later allows authenticated administrators to configure proxy repositories with URLs that can access unintended network destinations, potentially including cloud metadata services and internal network...

6.2CVSS6.4AI score0.0009EPSS

Exploits0References1

NVD•added 2026/01/14 10:15 p.m.•3 views

CVE-2026-0601

5.1CVSS0.0029EPSS

Exploits0References2

Cvelist•added 2026/01/14 10:5 p.m.•18 views

CVE-2026-0601 Nexus Repository 3 - Cross-Site Scripting

5.1CVSS0.0029EPSS

Exploits0References2

Cvelist•added 2025/12/04 6:16 p.m.•19 views

CVE-2025-13488 Nexus Repository 3 - Stored Cross-Site Scripting (XSS)

Due to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting XSS vulnerability with user conte...

5.1CVSS0.00059EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-17555

Malware in sbrugna...

5.3CVSS5.5AI score0.00144EPSS

Exploits0References2

NVD•added 2024/05/16 4:15 p.m.•29 views

CVE-2024-4956

Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1...

7.5CVSS7.4AI score0.94028EPSS

Exploits16References1

Vulnrichment•added 2024/05/16 3:31 p.m.•47 views

CVE-2024-4956 Nexus Repository 3 - Path Traversal

Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1...

7.5CVSS6.7AI score0.94028EPSS

Exploits16References1

CNNVD•added 2021/11/03 12:0 a.m.•1 views

Sonatype Nexus Repository 代码问题漏洞

Sonatype Nexus Repository is a repository manager from Sonatype, Inc. that is used for managing, storing, and distributing software, among other things. A security vulnerability exists in Sonatype Nexus Repository 3, which stems from a lack of validation and filtering of user-submitted input on t...

4.3CVSS5.2AI score0.00237EPSS

Exploits0References3

OSV•added 2021/09/08 5:42 p.m.•52 views

GHSA-F34X-8PF6-QC9C HTTP header injection in Sonatype Nexus Repository

Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance...

8.2CVSS8.2AI score0.02208EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by