Lucene search
K

412 matches found

NVD
NVD
added 2020/08/12 10:15 p.m.12 views

CVE-2020-15868

Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control...

7.5CVSS7.6AI score0.01143EPSS
Exploits0References1
Prion
Prion
added 2020/08/12 10:15 p.m.14 views

Improper access control

Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control...

5CVSS7.6AI score0.01143EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/08/12 9:20 p.m.16 views

CVE-2020-15868

Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control...

7.6AI score0.01143EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/03 12:0 a.m.9 views

Sonatype Nexus Repository Manager Remote Code Execution Vulnerability (CNVD-2021-32036)

Nexus Repository Manager is a repository manager from Sonatype that lets you proxy, collect, and manage your dependencies so you don't have to deal with a series of JARs as often, allowing you to distribute your software with ease.OSS is the open-source, free version, and Pro is the professional,...

8.8CVSS7.7AI score0.02233EPSS
Exploits0References1
OSV
OSV
added 2020/07/31 8:15 p.m.3 views

CVE-2020-15871

Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution...

8.8CVSS7.4AI score0.02233EPSS
Exploits0References2
NVD
NVD
added 2020/07/31 8:15 p.m.14 views

CVE-2020-15870

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS Issue 2 of 2...

6.1CVSS6.1AI score0.00677EPSS
Exploits0References2
OSV
OSV
added 2020/07/31 8:15 p.m.2 views

CVE-2020-15870

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS Issue 2 of 2...

6.1CVSS6.4AI score0.00677EPSS
Exploits0References2
OSV
OSV
added 2020/07/31 8:15 p.m.2 views

CVE-2020-15869

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS issue 1 of 2...

5.4CVSS6.1AI score0.00677EPSS
Exploits0References2
NVD
NVD
added 2020/07/31 8:15 p.m.13 views

CVE-2020-15869

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS issue 1 of 2...

5.4CVSS5.3AI score0.00677EPSS
Exploits0References2
Prion
Prion
added 2020/07/31 8:15 p.m.16 views

Cross site scripting

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS issue 1 of 2...

4.3CVSS5.3AI score0.00677EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/07/31 7:59 p.m.25 views

CVE-2020-15871

Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution...

8.9AI score0.02233EPSS
Exploits0References2
CVE
CVE
added 2020/07/31 7:59 p.m.66 views

CVE-2020-15871

CVE-2020-15871 affects Sonatype Nexus Repository Manager OSS/Pro prior to 3.25.1, enabling remote code execution. The issue is described across multiple sources as a RCE vulnerability in Nexus Repository Manager OSS/Pro versions before 3.25.1. Remediation: upgrade to version 3.25.1 or later. Publ...

8.8CVSS8.9AI score0.02233EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/07/31 7:49 p.m.19 views

CVE-2020-15869

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS issue 1 of 2...

5.3AI score0.00677EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/07/31 7:42 p.m.19 views

CVE-2020-15870

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS Issue 2 of 2...

6.1AI score0.00677EPSS
Exploits0References2
CVE
CVE
added 2020/07/31 7:42 p.m.49 views

CVE-2020-15870

CVE-2020-15870 affects Sonatype Nexus Repository Manager OSS/Pro prior to 3.25.1, described as a cross-site scripting (XSS) issue. The public records in the connected documents consistently report this vulnerability as an XSS flaw without detailing the exact vulnerable component, version ranges b...

6.1CVSS6AI score0.00677EPSS
Exploits0References2Affected Software1
Hacker One
Hacker One
added 2020/07/07 10:0 a.m.29 views

Central Security Project: Unsafe deserialization in Nexus Repository helm plugin

A remote code execution vulnerability CVE-2020-15871 has been discovered in Nexus Repository Manager 3. A user with the right permissions can run arbitrary code as the user running the Nexus Repository Manager server. Alternatively, an attacker could trick a user with the right permissions into...

6.8CVSS1.3AI score0.02233EPSS
Exploits0
Gitee
Gitee
added 2020/05/27 2:46 p.m.5 views

Exploit for Expression Language Injection in Sonatype Nexus

Nexus Repository Manager 3 Vuln 影响版本:= 3.21.2 CVE-2020-10199、CVE-2020-10204、CVE-2020-11444 CVE-2020-10199 远程代码命令执行 回显poc 不回显poc $\A''.getClass.forName'java.lang.Runtime'.getMethods6.invokenull.exec'touch /tmp/cve-2020-10199' 普通用户权限 /service/rest/beta/repositories/go/group 需要管理员权限 1...

9CVSS9.4AI score0.99064EPSS
Exploits12
Check Point Advisories
Check Point Advisories
added 2020/05/24 12:0 a.m.14 views

Sonatype Nexus Repository Manager Remote Code Execution (CVE-2020-10199)

A remote code execution vulnerability exists in Sonatype Nexus Repository Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.1AI score0.99064EPSS
Exploits10
CNVD
CNVD
added 2020/04/28 12:0 a.m.2 views

Sonatype Nexus Repository Manager Information Disclosure Vulnerability (CNVD-2020-33469)

Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. A security vulnerability exists in Sonatype NXRM version 2.x prior to 2.14.17 and version 3.x prior to 3.22.1. An attacker can exploit the...

4.9CVSS6.8AI score0.00648EPSS
Exploits0References1
OSV
OSV
added 2020/04/27 3:15 p.m.19 views

CVE-2020-11415

An issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.17 and 3.x before 3.22.1. Admin users can retrieve the LDAP server system username/password as configured in nxrm in cleartext...

4.9CVSS6.8AI score
Exploits0References1
Rows per page
Query Builder