Lucene search
K

207 matches found

Chainguard
Chainguard
added 2 days ago5 views

CVE-2025-14813 vulnerabilities

Vulnerabilities for packages: sonarqube...

9.3CVSS7.2AI score0.00313EPSS
Exploits0
Chainguard
Chainguard
added 2 days ago7 views

GHSA-574F-3G2M-X479 vulnerabilities

Vulnerabilities for packages: sonarqube...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2 days ago4 views

GHSA-574F-3G2M-X479 vulnerabilities

Vulnerabilities for packages: sonarqube...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2 days ago4 views

CVE-2025-14813 vulnerabilities

Vulnerabilities for packages: sonarqube...

9.3CVSS7.2AI score0.00313EPSS
Exploits0
Nuclei
Nuclei
added 2 days ago163 views

SonarQube - Authentication Bypass

SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. id: CVE-2020-27986 info: name: SonarQube - Authentication Bypass author: pikpikcu severity: high description: | SonarQube 8.4.2.36762 allows remote attackers to...

8.8CVSS7.1AI score0.16183EPSS
Exploits0References5
OSV
OSV
added 2026/04/16 12:54 a.m.9 views

CLEANSTART-2026-QW49365 Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) causing a persistent denial o...

Multiple security vulnerabilities affect the sonarqube package. Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of...

9.8CVSS5.8AI score0.00245EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/10 2:8 p.m.5 views

CVE-2026-3816

A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function inputzip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service. The attack can be initiated remotely. The exploi...

6.5CVSS5.3AI score0.00538EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/09 12:31 p.m.6 views

EUVD-2026-10325

A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function inputzip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service. The attack can be initiated remotely. The exploi...

5.3CVSS5.3AI score0.00538EPSS
Exploits1References9
NVD
NVD
added 2026/03/09 11:16 a.m.6 views

CVE-2026-3816

A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function inputzip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service. The attack can be initiated remotely. The exploi...

6.5CVSS0.00538EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2026/03/09 11:2 a.m.4 views

CVE-2026-3816

A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function inputzip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service. The attack can be initiated remotely. The exploi...

5.3CVSS5.3AI score0.00538EPSS
Exploits1References8Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/09 11:2 a.m.4 views

CVE-2026-3816 OWASP DefectDojo SonarQubeParser/MSDefenderParser parser.py input_zip.read denial of service

A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function inputzip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service. The attack can be initiated remotely. The exploi...

5.3CVSS5.3AI score0.00538EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/03/09 11:2 a.m.35 views

CVE-2026-3816 OWASP DefectDojo SonarQubeParser/MSDefenderParser parser.py input_zip.read denial of service

A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function inputzip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service. The attack can be initiated remotely. The exploi...

5.3CVSS0.00538EPSS
Exploits1References8
CVE
CVE
added 2026/03/09 11:2 a.m.25 views

CVE-2026-3816

The CVE-2026-3816 affects OWASP DefectDojo

6.5CVSS5.3AI score0.00538EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2026/01/29 3:16 p.m.5 views

CVE-2020-37020

SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges...

8.5CVSS0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/29 2:28 p.m.34 views

CVE-2020-37020 SonarQube 8.3.1 - Unquoted Service Path

SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges...

8.5CVSS0.00121EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/29 2:28 p.m.6 views

CVE-2020-37020

SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges...

8.5CVSS6.1AI score0.00121EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/01/29 2:28 p.m.11 views

CVE-2020-37020

CVE-2020-37020 affects SonarQube 8.3.1 and describes an unquoted service path vulnerability in the service executable path. According to the provided description, local attackers can gain SYSTEM privileges by exploiting this path vulnerability: they replace the wrapper.exe in the service path wit...

8.5CVSS6.1AI score0.00121EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/29 2:28 p.m.5 views

CVE-2020-37020 SonarQube 8.3.1 - Unquoted Service Path

SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges...

8.5CVSS6.1AI score0.00121EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/29 2:28 p.m.6 views

EUVD-2020-30923

SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges...

8.5CVSS6.1AI score0.00121EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/29 12:0 a.m.7 views

PT-2026-5293

SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges...

8.5CVSS6.1AI score0.00121EPSS
Exploits0References4
Rows per page
Query Builder