Lucene search
K

167 matches found

OpenVAS
OpenVAS
added 2023/05/10 12:0 a.m.17 views

Apache CouchDB <= 3.2.2, 3.3.x <= 3.3.1 Information Disclosure Vulnerability - Linux

Apache CouchDB is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3CVSS5.6AI score0.01429EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/05/10 12:0 a.m.20 views

Apache CouchDB <= 3.2.2, 3.3.x <= 3.3.1 Information Disclosure Vulnerability - Windows

Apache CouchDB is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3CVSS5.6AI score0.01429EPSS
Exploits0References1
CNVD
CNVD
added 2023/05/08 12:0 a.m.28 views

Apache CouchDB Information Disclosure Vulnerability

Apache CouchDB is the United States Apache Apache Foundation's use of Erlang development of a document-oriented database system. An information disclosure vulnerability exists in Apache CouchDB, which stems from the fact that design documents with matching document IDs from databases on the same...

5.3CVSS6.2AI score0.01429EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/05/04 12:0 a.m.38 views

Apache CouchDB < 3.2.3 / 3.3.x < 3.3.2 Information Disclosure

According to its banner, the version of CouchDB running on the remote host is prior to 3.2.3 or 3.3.x prior to 3.3,2. It is, therefore, affected by an information disclosure vulnerability. Design documents with matching document IDs, from databases on the same cluster, may share a mutable...

5.3CVSS6.4AI score0.01429EPSS
Exploits0References2
Prion
Prion
added 2023/05/02 9:15 p.m.19 views

Code injection

Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: validatedocupdate list filter filter views using view functions as filters rewrite update This doesn't affect map/reduce or searc...

5CVSS5.1AI score0.01429EPSS
Exploits0References3Affected Software2
UbuntuCve
UbuntuCve
added 2023/05/02 9:15 p.m.36 views

CVE-2023-26268

Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: validatedocupdate list filter filter views using view functions as filters rewrite update This doesn't affect map/reduce or searc...

5.3CVSS6.7AI score0.01429EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/05/02 8:6 p.m.28 views

CVE-2023-26268 Apache CouchDB, IBM Cloudant: Information sharing via couchjs processes

Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: validatedocupdate list filter filter views using view functions as filters rewrite update This doesn't affect map/reduce or searc...

4.4CVSS5.4AI score0.01429EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/05/02 8:6 p.m.16 views

CVE-2023-26268 Apache CouchDB, IBM Cloudant: Information sharing via couchjs processes

Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: validatedocupdate list filter filter views using view functions as filters rewrite update This doesn't affect map/reduce or searc...

4.4CVSS7AI score0.01429EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/11/08 12:0 a.m.32 views

Apache CouchDB < 3.2.2 Privilege Escalation Vulnerability - Active Check

Apache CouchDB is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:couchdb";...

10CVSS9.5AI score0.92335EPSS
Exploits9References4
Rapid7 Blog
Rapid7 Blog
added 2022/11/04 7:14 p.m.56 views

Metasploit Weekly Wrap-Up

C is for cookie And that’s good enough for Apache CouchDB, apparently. Our very own Jack Heysel added an exploit module based on CVE-2022-24706 targeting CouchDB prior to 3.2.2, leveraging a special default ‘monster’ cookie that allows users to run OS commands. This fake computer I just made says...

10CVSS8.2AI score0.99607EPSS
Exploits37
Packet Storm
Packet Storm
added 2022/11/02 12:0 a.m.546 views

Apache CouchDB Erlang Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Couchdb Erlang RCE', 'Description' = %q In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installatio...

10CVSS0.2AI score0.92335EPSS
Exploits9
Metasploit
Metasploit
added 2022/11/01 7:49 p.m.723 views

Apache Couchdb Erlang RCE

In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. Module Options msf use exploit/multi/http/apachecouchdberlangrce msf exploitapachecouchdberlangrce show targets ...targets... msf...

10CVSS7.5AI score0.92335EPSS
Exploits9
Positive Technologies
Positive Technologies
added 2022/08/29 12:0 a.m.3 views

PT-2022-37630 · Undefined · Undefined

CVE Apache CouchDB Insecure Default Initialization of Resource Vulnerability CVE-2022-08-25 Apache CouchDB содержит небезопасную инициализацию ресурсов по умолчанию, которая может позволить злоумышленнику повысить свои привилегии до уровня администратора...

7.3AI score
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2022/08/25 12:0 a.m.36 views

Apache CouchDB Insecure Default Initialization of Resource Vulnerability

Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges...

10CVSS4.7AI score0.92335EPSS
In wildExploits9
Check Point Advisories
Check Point Advisories
added 2022/06/13 12:0 a.m.11 views

Apache CouchDB Remote Code Execution (CVE-2022-24706)

A remote code execution vulnerability exists in Apache CouchDB. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.4AI score0.92335EPSS
Exploits9
GithubExploit
GithubExploit
added 2022/05/20 4:28 a.m.517 views

Exploit for Insecure Default Initialization of Resource in Apache Couchdb

Apache CouchDB 3.2.1 - Remote Code Execution RCE CVE-2022-24...

10CVSS9.9AI score0.92335EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2022/05/13 12:0 a.m.113 views

Apache CouchDB < 3.2.2 Remote Privilege Escalation

According to its banner, the version of CouchDB running on the remote host is prior to 3.2.2 It is, therefore, potentially affected by a remote privilege escalation vulnerability. An attacker can access an improperly secured default installation without authenticating and gain admin privileges...

10CVSS7.5AI score0.92335EPSS
Exploits9References2
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.390 views

Apache CouchDB 3.2.1 - Remote Code Execution (RCE)

Exploit Title: Apache CouchDB 3.2.1 - Remote Code Execution RCE Date: 2022-01-21 Exploit Author: Konstantin Burov, @sadshade Software Link: https://couchdb.apache.org/ Version: 3.2.1 and below Tested on: Kali 2021.2 Based on 1F98D's Erlang Cookie - Remote Code Execution Shodan: port:4369 "name...

10CVSS9.6AI score0.92335EPSS
Exploits9
OpenVAS
OpenVAS
added 2022/05/03 12:0 a.m.23 views

Apache CouchDB < 3.2.2 Privilege Escalation Vulnerability - Windows - Version Check

Apache CouchDB is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:couchdb";...

10CVSS9.5AI score0.92335EPSS
Exploits9References3
OpenVAS
OpenVAS
added 2022/05/03 12:0 a.m.25 views

Apache CouchDB < 3.2.2 Privilege Escalation Vulnerability - Linux - Version Check

Apache CouchDB is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:couchdb";...

10CVSS9.5AI score0.92335EPSS
Exploits9References3
Rows per page
Query Builder