Lucene search
K

412 matches found

Cvelist
Cvelist
added 2024/11/14 2:58 a.m.23 views

CVE-2024-5082 Nexus Repository 2 - Remote Code Execution

A Remote Code Execution vulnerability has been discovered in Sonatype Nexus Repository 2. This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1...

7.1CVSS0.01864EPSS
Exploits0References1
NVD
NVD
added 2024/11/14 2:15 a.m.13 views

CVE-2024-5083

A stored Cross-site Scripting vulnerability has been discovered in Sonatype Nexus Repository 2 This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1...

5.1CVSS0.00397EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/14 1:31 a.m.8 views

CVE-2024-5083 Nexus Repository 2 - Stored XSS

A stored Cross-site Scripting vulnerability has been discovered in Sonatype Nexus Repository 2 This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1...

5.1CVSS6.6AI score0.00397EPSS
Exploits0References1
CVE
CVE
added 2024/11/14 1:31 a.m.45 views

CVE-2024-5083

A stored cross-site scripting vulnerability affects Sonatype Nexus Repository 2 (OSS/Pro) up to and including version 2.15.1. Public descriptions indicate the issue is a stored XSS flaw in Nexus Repository 2 and that remediation involves updating to a version that includes the fix (as noted by PT...

5.1CVSS6.6AI score0.00397EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/14 1:31 a.m.19 views

CVE-2024-5083 Nexus Repository 2 - Stored XSS

A stored Cross-site Scripting vulnerability has been discovered in Sonatype Nexus Repository 2 This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1...

5.1CVSS0.00397EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.2 views

Sonatype Nexus Repository Manager 跨站脚本漏洞

Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used for managing, storing, and distributing software, among other things. A cross-site scripting vulnerability exists in Sonatype Nexus Repository Manager version 2.15.1 and earlier, which stems from the...

5.1CVSS6AI score0.00397EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.3 views

Sonatype Nexus Repository 代码注入漏洞

Sonatype Nexus Repository is a repository manager from Sonatype, Inc. that is used for managing, storing, and distributing software, among other things. A code injection vulnerability exists in Sonatype Nexus Repository version 2.15.1 and earlier, which stems from the presence of a remote code...

7.1CVSS8.2AI score0.01864EPSS
Exploits0References2
NVD
NVD
added 2024/10/23 3:15 p.m.29 views

CVE-2024-5764

Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database SMTP or HTTP proxy credentials, user tokens, tokens, among others. The affected versions relied on ...

6.5CVSS0.00391EPSS
Exploits0References1
OSV
OSV
added 2024/10/23 3:15 p.m.4 views

CVE-2024-5764

Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database SMTP or HTTP proxy credentials, user tokens, tokens, among others. The affected versions relied on ...

6.5CVSS7AI score
Exploits0References1
CVE
CVE
added 2024/10/23 2:47 p.m.84 views

CVE-2024-5764

CVE-2024-5764 affects Nexus Repository 3.x (3.0.0–3.72.0). It arises from a static hard-coded encryption passphrase used by the PasswordCipher to encrypt secrets in the Nexus configuration database (SMTP/HTTP proxy credentials, tokens, etc.). An administrator could set an alternate passphrase at ...

6.5CVSS6.6AI score0.00391EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/23 2:47 p.m.29 views

CVE-2024-5764 Nexus Repository 3 - Static hard-coded encryption passphrase used by default

Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database SMTP or HTTP proxy credentials, user tokens, tokens, among others. The affected versions relied on ...

5.9CVSS6.9AI score0.00391EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/23 12:0 a.m.2 views

Sonatype Nexus Repository 安全漏洞

Sonatype Nexus Repository is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. A security vulnerability exists in Sonatype Nexus Repository versions 3.0.0 through 3.72.0 that stems from the use of hard-coded credentials...

6.5CVSS6.8AI score0.00391EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/07/05 12:0 a.m.5 views

The vulnerability of Sonatype Nexus Repository Manager lies in the improper restriction of the path name to the restricted directory. This allows attackers to disclose protected information.

The vulnerability of Sonatype Nexus Repository Manager is related to incorrect restrictions on the path to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

7.8CVSS7.7AI score0.18245EPSS
Exploits16References5Affected Software1
GithubExploit
GithubExploit
added 2024/06/09 10:57 a.m.530 views

Exploit for CVE-2024-4956

CVE-2024-4956 !My Shophttps://img.shields.io/badge/My%20S...

7.5CVSS7.7AI score0.18245EPSS
Exploits16
GithubExploit
GithubExploit
added 2024/05/30 8:4 a.m.423 views

Exploit for CVE-2024-4956

CVE-2024-4956-Sonatype-Nexus-Repository-Manager Sonatype Ne...

7.5CVSS7.5AI score0.18245EPSS
Exploits16
GithubExploit
GithubExploit
added 2024/05/28 3:5 p.m.59 views

Exploit for CVE-2024-4956

CVE-2024-4956 : Nexus Repository Manager 3 Dork: - Shodan:...

7.5CVSS7AI score0.18245EPSS
Exploits16
Tenable Nessus
Tenable Nessus
added 2024/05/27 12:0 a.m.22 views

Nexus Repository 3.x < 3.68.1 Path Traversal

Nexus Repository version 3.x prior to 3.68.1 is affected by a Path Traversal allowing an attacker to create a URL returning any file for download, including system files outside the scope of the Nexus Repository application, without any authentication. No source data...

7.5CVSS7.2AI score0.18245EPSS
Exploits16References2
CNVD
CNVD
added 2024/05/25 12:0 a.m.14 views

Path Traversal Vulnerability in Sonatype Nexus Repository

Nexus Repository Manager is a repository management system. A path traversal vulnerability exists in Sonatype Nexus Repository Manager that can be exploited by an attacker to obtain sensitive information...

7.5CVSS6.3AI score0.18245EPSS
Exploits16
GithubExploit
GithubExploit
added 2024/05/24 12:45 p.m.75 views

Exploit for CVE-2024-4956

CVE-2024-4956 - Unauthenticated Path Traversal in Nexus Reposi...

7.5CVSS6.9AI score0.18245EPSS
Exploits16
GithubExploit
GithubExploit
added 2024/05/23 11:39 a.m.98 views

Exploit for CVE-2024-4956

CVE-2024-4956 - Unauthenticated Path Traversal in Nexus Reposi...

7.5CVSS8.6AI score0.18245EPSS
Exploits16
Rows per page
Query Builder