
412 matches found

GithubExploit
added 2024/05/23 6:47 a.m. · 46 views

Exploit for CVE-2024-4956

CVE-2024-4956 Nexus Reposito...

CVSS 7.5 · AI score 8.7 · EPSS 0.18245
Exploits: 16

GithubExploit
added 2024/05/23 6:47 a.m. · 69 views

Exploit for CVE-2024-4956

CVE-2024-4956 Nexus Reposito...

CVSS 7.5 · AI score 8.7 · EPSS 0.18245
Exploits: 16

Positive Technologies
added 2024/05/17 12:0 a.m. · 4 views

PT-2024-9210 · Sonatype · Sonatype Nexus Repository 2

Name of the Vulnerable Software and Affected Versions: Sonatype Nexus Repository 2 versions up to and including 2.15.1 Description: A stored Cross-site Scripting vulnerability has been discovered, which affects the structure of web pages. This issue may allow a remote attacker to perform cross-si...

CVSS 5.1 · AI score 6.1 · EPSS 0.00397
Exploits: 0 · References: 16

Positive Technologies
added 2024/05/17 12:0 a.m. · 9 views

PT-2024-9211 · Sonatype · Sonatype Nexus Repository

Name of the Vulnerable Software and Affected Versions: Sonatype Nexus Repository 2 versions up to and including 2.15.1 Description: A Remote Code Execution issue has been discovered, related to incorrect code generation management. This allows a remote attacker to execute arbitrary code by...

CVSS 7.1 · AI score 8.6 · EPSS 0.01864
Exploits: 0 · References: 17

NVD
added 2024/05/16 4:15 p.m. · 31 views

CVE-2024-4956

Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1...

CVSS 7.5 · AI score 7.4 · EPSS 0.18245
Exploits: 16 · References: 1

Vulnrichment
added 2024/05/16 3:31 p.m. · 48 views

CVE-2024-4956 Nexus Repository 3 - Path Traversal

Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1...

CVSS 7.5 · AI score 6.7 · EPSS 0.18245
Exploits: 16 · References: 1

CVE
added 2024/05/16 3:31 p.m. · 267 views

CVE-2024-4956

Affected product: Sonatype Nexus Repository 3. Vulnerability: Path Traversal (CWE-22) allowing an unauthenticated attacker to read system files. Root cause / details: Unauthenticated path traversal in Nexus Repository 3 enables access to sensitive files; fixed in version 3.68.1. Impact (as stated...

CVSS 7.5 · AI score 6.4 · EPSS 0.18245
Exploits: 16 · References: 1

Cvelist
added 2024/05/16 3:31 p.m. · 206 views

CVE-2024-4956 Nexus Repository 3 - Path Traversal

Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1...

CVSS 7.5 · AI score 7.7 · EPSS 0.18245
Exploits: 16 · References: 1

CNNVD
added 2024/05/16 12:0 a.m. · 5 views

Sonatype Nexus Repository security vulnerability

Nexus Repository Manager is a repository management system. A path traversal vulnerability exists in Sonatype Nexus Repository Manager that can be exploited by an attacker to obtain sensitive information...

CVSS 7.5 · AI score 6.6 · EPSS 0.18245
Exploits: 16 · References: 4

Positive Technologies
added 2024/05/16 12:0 a.m. · 5 views

PT-2024-4555

Name of the Vulnerable Software and Affected Versions: Sonatype Nexus Repository versions prior to 3.68.1 Description: The issue is a path traversal vulnerability that allows an unauthenticated attacker to read system files. This vulnerability has been identified in Sonatype Nexus Repository 3 and...

CVSS 7.8 · AI score 7.9 · EPSS 0.18245
Exploits: 16 · References: 50

Gitee
added 2023/02/16 12:17 a.m. · 6 views

Exploit for OS Command Injection in Sonatype Nexus_Repository_Manager

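CVE-2019-5475 CVE-2019-5475 and CVE-2019-15588 lab environment: RCE command injection vulnerability ------ 0x00 Background CVE-2019-5475 is an RCE command injection vulnerability in Nexus's built-in Yum Repository plugin. It was first disclosed on HackerOne, but because the vendor's first fix was incomplete, it gave rise to CVE-2019-15588. Both vulnerabilities can only be exploited after logging in as admin, but the default Nexus administrator password admin123 is often left unchanged, so they are easily exploited. 0x10 Lab environment 0x20 Directory structure CVE-2019-5475 ├──...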

CVSS 9 · AI score 7.1 · EPSS 0.18396
Exploits: 5

SUSE CVE
added 2023/02/15 4:14 a.m. · 3 views

SUSE CVE-2019-9630

Sonatype Nexus Repository Manager before 3.17.0 has a weak default of giving any unauthenticated user read permissions on the repository files and images...

CVSS 7.5 · AI score 7.7 · EPSS 0.01378
Exploits: 0 · References: 3

SUSE CVE
added 2023/02/15 4:14 a.m. · 4 views

SUSE CVE-2019-9629

Sonatype Nexus Repository Manager before 3.17.0 establishes a default administrator user with weak defaults (fixed credentials)...

CVSS 9.8 · AI score 9.5 · EPSS 0.0146
Exploits: 0 · References: 4

BDU FSTEC
added 2023/02/15 12:0 a.m. · 5 views

The vulnerability of Sonatype Nexus Repository Manager lies in the lack of measures to clean input data, allowing a perpetrator to execute arbitrary code.

The vulnerability of Sonatype Nexus Repository Manager is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 9 · AI score 7.7 · EPSS 0.05602
Exploits: 3 · References: 4 · Affected Software: 1

BDU FSTEC
added 2022/07/01 12:0 a.m. · 5 views

The vulnerability of Sonatype Nexus Repository Manager relates to insecure management of privileges, allowing a perpetrator to execute arbitrary code.

The vulnerability of Sonatype Nexus Repository Manager is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

CVSS 10 · AI score 8.4 · EPSS 0.76526
Exploits: 4 · References: 3 · Affected Software: 1

vulnersOsv
added 2022/05/24 4:59 p.m. · 6 views

org.sonatype.nexus.assemblies:nexus-base-template (>=3.10.0-04 <=3.18.1-01), org.sonatype.nexus.assemblies:nexus-core-feature (>=3.0.0-03 <=3.18.1-01) +21 more potentially affected by CVE-2019-16530 via org.sonatype.nexus:nexus-repository (>=3.0.0-03 <=3.18.1-01)

org.sonatype.nexus:nexus-repository MAVEN version =3.0.0-03, =3.10.0-04, =3.0.0-03, =3.10.0-04, =3.10.0-04, =3.17.0-01, =0.0.4, =3.17.0-01, =3.10.0-04, =3.10.0-04, =3.11.0-01, =0.0.2, =3.13.0-01, =1.0.4, =3.10.0-04, =3.18.1-01 and more Source cves: CVE-2019-16530 Source advisory: OSV:GHSA-HM...

CVSS 9 · AI score 7.1 · EPSS 0.03343
Exploits: 0

OSV
added 2022/05/24 4:59 p.m. · 15 views

GHSA-HMJV-PX3J-933C Unrestricted Upload of File with Dangerous Type in Sonatype Nexus Repository Manager

Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution...

CVSS 7.2 · AI score 7.3 · EPSS 0.03343
Exploits: 0 · References: 3

Github Security Blog
added 2022/05/24 4:59 p.m. · 28 views

Unrestricted Upload of File with Dangerous Type in Sonatype Nexus Repository Manager

Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution...

CVSS 9 · AI score 2.4 · EPSS 0.03343
Exploits: 0 · References: 4 · Affected Software: 1

ATTACKERKB
added 2022/03/30 4:15 p.m. · 2 views

CVE-2022-27907

Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF...

CVSS 4.3 · AI score 5.9 · EPSS 0.00657
Exploits: 0 · References: 3

NVD
added 2022/03/30 4:15 p.m. · 28 views

CVE-2022-27907

Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF...

CVSS 4.3 · EPSS 0.00657
Exploits: 0 · References: 2