Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:2 a.m.6 views

CVE-2024-29309

An issue in Alfresco Content Services v.23.3.0.7 allows a remote attacker to execute arbitrary code via the Transfer Service...

7.7CVSS8AI score0.00657EPSS
Exploits0References1
NVD
NVD
added 2024/05/02 4:15 p.m.14 views

CVE-2024-29309

An issue in Alfresco Content Services v.23.3.0.7 allows a remote attacker to execute arbitrary code via the Transfer Service...

7.7CVSS7.5AI score0.00657EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/02 12:0 a.m.15 views

CVE-2024-29309

An issue in Alfresco Content Services v.23.3.0.7 allows a remote attacker to execute arbitrary code via the Transfer Service...

7.9AI score0.00657EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.4 views

PT-2024-22855 · Alfresco · Alfresco Content Services

Name of the Vulnerable Software and Affected Versions: Alfresco Content Services version 23.3.0.7 Description: An issue in Alfresco Content Services allows a remote attacker to execute arbitrary code via the Transfer Service. Recommendations: For Alfresco Content Services version 23.3.0.7, consid...

7.7CVSS8.3AI score0.00657EPSS
Exploits0References6
CVE
CVE
added 2024/05/02 12:0 a.m.68 views

CVE-2024-29309

CVE-2024-29309 affects Alfresco Content Services v23.3.0.7, where the Transfer Service enables remote code execution. Impact: attacker can execute arbitrary code remotely over the network with no user interaction. Root cause: vulnerability in the Transfer Service component. Mitigation/workaround:...

7.7CVSS7.8AI score0.00657EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/02 12:0 a.m.18 views

CVE-2024-29309

An issue in Alfresco Content Services v.23.3.0.7 allows a remote attacker to execute arbitrary code via the Transfer Service...

7.8AI score0.00657EPSS
Exploits0References1
OSV
OSV
added 2021/10/21 9:15 a.m.20 views

CVE-2021-41790

An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment...

8.8CVSS7.8AI score
Exploits0References2
Prion
Prion
added 2021/10/21 9:15 a.m.22 views

Server side request forgery (ssrf)

An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to...

5CVSS5.1AI score0.00829EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2021/10/21 8:49 a.m.18 views

CVE-2021-41792

An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to...

5.5AI score0.00829EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/10/21 8:49 a.m.19 views

CVE-2021-41790

An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment...

9AI score0.01422EPSS
Exploits0References2
Rows per page
Query Builder