408 matches found
CVE-2021-42568
Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to access the SSL Certificates Loading function via a low-privileged account...
CVE-2021-42568
CVE-2021-42568 affects Sonatype Nexus Repository Manager 3.x up to 3.35.0. The vulnerability arises from incorrect access control that allows a low-privileged account to access the SSL Certificates Loading function, potentially exposing sensitive certificate-related data. The documented impact is...
Sonatype Nexus Repository Manager 信息泄露漏洞
Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. An information disclosure vulnerability exists in Sonatype Nexus Repository Manager, which can be exploited by an attacker to bypass acces...
CVE-2021-37152
Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications...
CVE-2021-37152
Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications...
Design/Logic Flaw
Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications...
CVE-2021-37152
CVE-2021-37152 affects Sonatype Nexus Repository Manager 3.x prior to 3.33.0. An authenticated attacker who can add HTML files to a repository could cause cross-site scripting by redirecting users to Nexus pages with modified code. Root cause: improper handling/delivery of HTML content uploaded t...
CVE-2021-37152
Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications...
DELL EMC Repository Manager has an unspecified vulnerability
DELL EMC Repository Manager is an application within the Dell OpenManage product portfolio from Dell USA that allows IT administrators to easily manage system updates.Dell Repository Manager provides a searchable interface for creating custom software collections that are A security vulnerability...
CVE-2020-5315
Dell EMC Repository Manager DRM version 3.2 contains a plain-text password storage vulnerability. Proxy server user password is stored in a plain text in a local database. A local authenticated malicious user with access to the local file system may use the exposed password to access the with...
Default credentials
Dell EMC Repository Manager DRM version 3.2 contains a plain-text password storage vulnerability. Proxy server user password is stored in a plain text in a local database. A local authenticated malicious user with access to the local file system may use the exposed password to access the with...
CVE-2020-5315
Dell EMC Repository Manager DRM version 3.2 contains a plain-text password storage vulnerability. Proxy server user password is stored in a plain text in a local database. A local authenticated malicious user with access to the local file system may use the exposed password to access the with...
CVE-2020-5315
Dell EMC Repository Manager (DRM) 3.2 contains a plain-text password storage vulnerability for proxy server credentials in the local database. An attacker with local file-system access and authentication could extract these passwords and gain the compromised user’s privileges. The issue is descri...
DELL EMC Repository Manager 安全漏洞
DELL EMC Repository Manager is an application within the Dell OpenManage product portfolio from Dell USA that allows IT administrators to easily manage system updates.Dell Repository Manager provides a searchable interface for creating custom software collections that are A security vulnerability...
CVE-2021-34553
Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a remote authenticated attacker to get a list of blob files and read the content of a blob file via a GET request without having been granted access...
CVE-2021-34553
Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a remote authenticated attacker to get a list of blob files and read the content of a blob file via a GET request without having been granted access...
Design/Logic Flaw
Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a remote authenticated attacker to get a list of blob files and read the content of a blob file via a GET request without having been granted access...
CVE-2021-34553
Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a remote authenticated attacker to get a list of blob files and read the content of a blob file via a GET request without having been granted access...
CVE-2021-34553
Sonatype Nexus Repository Manager 3.x before 3.31.0 is vulnerable: remote authenticated attackers can enumerate blob files and read blob contents via GET without proper access. Affected software is Nexus Repository Manager 3.x prior to 3.31.0; remediation is to upgrade to 3.31.0 or later (per Red...
Sonatype Nexus Repository Manager 路径遍历漏洞
Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used for managing, storing, and distributing software, among other things. A path traversal vulnerability in Sonatype Nexus Repository Manager version 3.x prior to 3.31.0 allows remote authenticated attacke...