CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

234 matches found

SUSE CVE•added 2023/02/15 4:14 a.m.•4 views

SUSE CVE-2019-9629

Sonatype Nexus Repository Manager before 3.17.0 establishes a default administrator user with weak defaults fixed credentials...

9.8CVSS9.5AI score0.0146EPSS

Exploits0References4

BDU FSTEC•added 2023/02/15 12:0 a.m.•2 views

The vulnerability of Sonatype Nexus Repository Manager lies in the lack of measures to clean input data, allowing a perpetrator to execute arbitrary code.

The vulnerability of Sonatype Nexus Repository Manager is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS7.7AI score0.18396EPSS

Exploits5References4Affected Software1

BDU FSTEC•added 2022/07/01 12:0 a.m.•3 views

The vulnerability of Sonatype Nexus Repository Manager relates to insecure management of privileges, allowing a perpetrator to execute arbitrary code.

The vulnerability of Sonatype Nexus Repository Manager is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

10CVSS8.4AI score0.76526EPSS

Exploits4References3Affected Software1

Github Security Blog•added 2022/05/24 4:59 p.m.•25 views

Unrestricted Upload of File with Dangerous Type in Sonatype Nexus Repository Manager

Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution...

9CVSS2.4AI score0.03343EPSS

Exploits0References4Affected Software1

OSV•added 2022/05/24 4:59 p.m.•15 views

GHSA-HMJV-PX3J-933C Unrestricted Upload of File with Dangerous Type in Sonatype Nexus Repository Manager

Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution...

7.2CVSS7.3AI score0.03343EPSS

Exploits0References3

ATTACKERKB•added 2022/03/30 4:15 p.m.•0 views

CVE-2022-27907

Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF...

4.3CVSS5.9AI score0.00657EPSS

Exploits0References3

NVD•added 2022/03/30 4:15 p.m.•23 views

CVE-2022-27907

Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF...

4.3CVSS0.00657EPSS

Exploits0References2

Prion•added 2022/03/30 4:15 p.m.•22 views

Server side request forgery (ssrf)

Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF...

4CVSS4.8AI score0.00657EPSS

Exploits0References2Affected Software1

CVE•added 2022/03/30 3:51 p.m.•184 views

CVE-2022-27907

CVE-2022-27907 affects Sonatype Nexus Repository Manager 3.x before 3.38.0, with an SSRF vulnerability. Connected documents describe a code issue that forces the server to send a query request, enabling SSRF. Exploitation details are not provided in the sources; no in‑the‑wild exploit data is sta...

4.3CVSS4.7AI score0.00657EPSS

Exploits0References2Affected Software1

NVD•added 2022/03/17 10:15 p.m.•8 views

CVE-2021-43961

Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection...

4.3CVSS0.00699EPSS

Exploits0References2

OSV•added 2022/03/17 10:15 p.m.•19 views

CVE-2021-43961

Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection...

4.3CVSS6.7AI score

Exploits0References2

Prion•added 2022/03/17 10:15 p.m.•20 views

Design/Logic Flaw

Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection...

4.3CVSS4.7AI score0.00699EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/03/17 9:13 p.m.•18 views

CVE-2021-43961

Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection...

5AI score0.00699EPSS

Exploits0References2

CVE•added 2022/03/17 9:13 p.m.•104 views

CVE-2021-43961

CVE-2021-43961 affects Sonatype Nexus Repository Manager 3.36.0 (NXS/NXRM). The connected sources specify a HTML Injection vulnerability in this version. No exploit vectors, exploit status, or remediation details are provided in the available documents. The reports consistently describe the issue...

4.3CVSS4.6AI score0.00699EPSS

Exploits0References2Affected Software1

CNNVD•added 2022/03/11 12:0 a.m.•2 views

Sonatype Nexus Repository Manager 跨站脚本漏洞

Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. A cross-site scripting vulnerability exists in Sonatype Nexus Repository Manager 3.x through 3.37.0. A remote attacker sending a specially...

4.3CVSS4.9AI score0.00699EPSS

Exploits0References4

CISA KEV Catalog•added 2021/12/10 12:0 a.m.•22 views

Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability

Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution...

9.8CVSS3.8AI score0.76526EPSS

In wildExploits4

BDU FSTEC•added 2021/12/09 12:0 a.m.•2 views

The vulnerability of Sonatype Nexus Repository Manager, related to improper code generation management, allows a perpetrator to execute arbitrary code.

The vulnerability of Sonatype Nexus Repository Manager is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted request remotely...

9CVSS8AI score0.99064EPSS

Exploits10References6Affected Software1

NVD•added 2021/11/04 6:15 p.m.•16 views

CVE-2021-43293

Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery SSRF...

4.3CVSS0.00843EPSS

Exploits0References1

OSV•added 2021/11/04 6:15 p.m.•11 views

CVE-2021-43293

Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery SSRF...

4.3CVSS6.7AI score

Exploits0References1

Prion•added 2021/11/04 6:15 p.m.•18 views

Server side request forgery (ssrf)

Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery SSRF...

4CVSS4.5AI score0.00843EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by