Lucene search
+L

17 matches found

OSV
OSV
added 2026/05/19 9:39 a.m.4 views

CVE-2026-45187 Apache OFBiz: Improper Authorization in Scheduled Job Creation Allows Low-Privileged Users to Submit System Jobs

Improper Authorization vulnerability in Apache OFBiz Webtools. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

6.5CVSS5.9AI score0.00513EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-12445

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00805EPSS
Exploits0References2
Snyk
Snyk
added 2025/07/02 7:41 p.m.6 views

Expired Pointer Dereference

Overview org.lucee:lucee is a Lucee Server is a dynamic, Java based JSR-223, tag and scripting language used for rapid web application development. Affected versions of this package are vulnerable to Expired Pointer Dereference via the scheduled task process. An authenticated attacker with an...

9.4CVSS7.4AI score0.01134EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/07/02 7:26 p.m.7 views

CVE-2025-34074 Lucee Admin Interface Authenticated Remote Code Execution via Scheduled Job File Write

An authenticated remote code execution vulnerability exists in Lucee’s administrative interface due to insecure design in the scheduled task functionality. An administrator with access to /lucee/admin/web.cfm can configure a scheduled job to retrieve a remote .cfm file from an attacker-controlled...

9.4CVSS8.4AI score0.01134EPSS
Exploits1References3
Veeam
Veeam
added 2024/06/13 12:0 a.m.15 views

No action was taken because the import artifacts already existed

Challenge Veeam Kasten for Kubernetes has smart logic built-in to perform intelligent actions. Assuming an Import job on the target cluster was successfully completed, unless there's a new restorepoint from the source cluster, the job won't run. This can happen if: there are no new restorepoints ...

7AI score
Exploits0
NVD
NVD
added 2023/04/20 9:15 a.m.16 views

CVE-2023-0384

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption for a scheduled job...

7.5CVSS6.6AI score0.00805EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/04/20 9:15 a.m.3 views

CVE-2023-0384

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption for a scheduled job...

7.5CVSS7.5AI score0.00805EPSS
Exploits0References4
OSV
OSV
added 2023/04/20 9:15 a.m.7 views

CVE-2023-0384

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption for a scheduled job...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References3
Prion
Prion
added 2023/04/20 9:15 a.m.19 views

Code injection

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption for a scheduled job...

5CVSS7.5AI score0.00805EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/20 12:0 a.m.8 views

PT-2023-16233 · M Files · M-Files Server

Name of the Vulnerable Software and Affected Versions: M-Files Server versions prior to 23.4.12528.1 Description: The issue allows for Denial of Service due to uncontrolled memory consumption for a scheduled job, caused by user-controlled operations. Recommendations: For versions prior to...

7.5CVSS7.2AI score0.00805EPSS
Exploits0References6
0day.today
0day.today
added 2023/04/08 12:0 a.m.198 views

Lucee Scheduled Job v1.0 - Command Execution Exploit

Exploit Title: Lucee Scheduled Job v1.0 - Command Execution Exploit Author: Alexander Philiotis Vendor Homepage: https://www.lucee.org/ Software Link: https://download.lucee.org/ Version: All versions with scheduled jobs enabled Tested on: Linux - Debian, Lubuntu & Windows 10 Ref :...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.271 views

Lucee Scheduled Job v1.0 - Command Execution

Exploit Title: Lucee Scheduled Job v1.0 - Command Execution Date: 3-23-2012 Exploit Author: Alexander Philiotis Vendor Homepage: https://www.lucee.org/ Software Link: https://download.lucee.org/ Version: All versions with scheduled jobs enabled Tested on: Linux - Debian, Lubuntu & Windows 10 Ref ...

7AI score
Exploits0
0day.today
0day.today
added 2023/03/06 12:0 a.m.463 views

Lucee Authenticated Scheduled Job Code Execution Exploit

This Metasploit module can be used to execute a payload on Lucee servers that have an exposed administrative web interface. It's possible for an administrator to create a scheduled job that queries a remote ColdFusion file, which is then downloaded and executed when accessed. The payload is...

7.8AI score
Exploits0
Metasploit
Metasploit
added 2023/03/02 7:51 p.m.213 views

Lucee Authenticated Scheduled Job Code Execution

This module can be used to execute a payload on Lucee servers that have an exposed administrative web interface. It's possible for an administrator to create a scheduled job that queries a remote ColdFusion file, which is then downloaded and executed when accessed. The payload is uploaded as a cf...

9.4CVSS7.2AI score0.01134EPSS
Exploits1
Packet Storm
Packet Storm
added 2023/03/02 12:0 a.m.353 views

Lucee Authenticated Scheduled Job Code Execution

class MetasploitModule 'Lucee Authenticated Scheduled Job Code Execution', 'Description' = %q This module can be used to execute a payload on Lucee servers that have an exposed administrative web interface. It's possible for an administrator to create a scheduled job that queries a remote...

0.9AI score
Exploits0
Veeam
Veeam
added 2023/02/01 12:0 a.m.383 views

Connection over network is blocked by network throttling rules

Challenge A Veeam Agent Backup job fails with the error: Error: Connection over network is blocked by network throttling rules Error as it appears in the Veeam Backup & Replication Console Error as it appears in the Veeam Agent for Microsoft Windows Control Panel Cause This error occurs when a...

6.9AI score
Exploits0Affected Software2
Packet Storm
Packet Storm
added 2019/07/19 12:0 a.m.218 views

Microsoft Windows Task Scheduler Local Privilege Escalation

Microsoft Windows Task Scheduler local EoP Report by Social Engineering Neo. Affected Platforms: - Microsoft Windows ≤10 Tested On: - Windows 10 build 1809, 1903 & Windows 7 SP1. Tested on the most recent security patch. July 2019 Class: - Improper Authorization - CWE-285. Remote Code Execution...

0.1AI score
Exploits0
Rows per page
Query Builder