412 matches found
CVE-2024-5082 Nexus Repository 2 - Remote Code Execution
A Remote Code Execution vulnerability has been discovered in Sonatype Nexus Repository 2. This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1...
CVE-2024-5083
A stored Cross-site Scripting vulnerability has been discovered in Sonatype Nexus Repository 2 This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1...
CVE-2024-5083 Nexus Repository 2 - Stored XSS
A stored Cross-site Scripting vulnerability has been discovered in Sonatype Nexus Repository 2 This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1...
CVE-2024-5083
A stored cross-site scripting vulnerability affects Sonatype Nexus Repository 2 (OSS/Pro) up to and including version 2.15.1. Public descriptions indicate the issue is a stored XSS flaw in Nexus Repository 2 and that remediation involves updating to a version that includes the fix (as noted by PT...
CVE-2024-5083 Nexus Repository 2 - Stored XSS
A stored Cross-site Scripting vulnerability has been discovered in Sonatype Nexus Repository 2 This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1...
Sonatype Nexus Repository Manager 跨站脚本漏洞
Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used for managing, storing, and distributing software, among other things. A cross-site scripting vulnerability exists in Sonatype Nexus Repository Manager version 2.15.1 and earlier, which stems from the...
Sonatype Nexus Repository 代码注入漏洞
Sonatype Nexus Repository is a repository manager from Sonatype, Inc. that is used for managing, storing, and distributing software, among other things. A code injection vulnerability exists in Sonatype Nexus Repository version 2.15.1 and earlier, which stems from the presence of a remote code...
CVE-2024-5764
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database SMTP or HTTP proxy credentials, user tokens, tokens, among others. The affected versions relied on ...
CVE-2024-5764
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database SMTP or HTTP proxy credentials, user tokens, tokens, among others. The affected versions relied on ...
CVE-2024-5764
CVE-2024-5764 affects Nexus Repository 3.x (3.0.0–3.72.0). It arises from a static hard-coded encryption passphrase used by the PasswordCipher to encrypt secrets in the Nexus configuration database (SMTP/HTTP proxy credentials, tokens, etc.). An administrator could set an alternate passphrase at ...
CVE-2024-5764 Nexus Repository 3 - Static hard-coded encryption passphrase used by default
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database SMTP or HTTP proxy credentials, user tokens, tokens, among others. The affected versions relied on ...
Sonatype Nexus Repository 安全漏洞
Sonatype Nexus Repository is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. A security vulnerability exists in Sonatype Nexus Repository versions 3.0.0 through 3.72.0 that stems from the use of hard-coded credentials...
The vulnerability of Sonatype Nexus Repository Manager lies in the improper restriction of the path name to the restricted directory. This allows attackers to disclose protected information.
The vulnerability of Sonatype Nexus Repository Manager is related to incorrect restrictions on the path to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to disclose protected information...
Exploit for CVE-2024-4956
CVE-2024-4956 !My Shophttps://img.shields.io/badge/My%20S...
Exploit for CVE-2024-4956
CVE-2024-4956-Sonatype-Nexus-Repository-Manager Sonatype Ne...
Exploit for CVE-2024-4956
CVE-2024-4956 : Nexus Repository Manager 3 Dork: - Shodan:...
Nexus Repository 3.x < 3.68.1 Path Traversal
Nexus Repository version 3.x prior to 3.68.1 is affected by a Path Traversal allowing an attacker to create a URL returning any file for download, including system files outside the scope of the Nexus Repository application, without any authentication. No source data...
Path Traversal Vulnerability in Sonatype Nexus Repository
Nexus Repository Manager is a repository management system. A path traversal vulnerability exists in Sonatype Nexus Repository Manager that can be exploited by an attacker to obtain sensitive information...
Exploit for CVE-2024-4956
CVE-2024-4956 - Unauthenticated Path Traversal in Nexus Reposi...
Exploit for CVE-2024-4956
CVE-2024-4956 - Unauthenticated Path Traversal in Nexus Reposi...