52 matches found
CVE-2026-24343
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
CVE-2026-24343
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
CVE-2026-24343
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
CVE-2026-24343 Apache HertzBeat: Uncontrolled Resource Consumption via Crafted XPath Expressions
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
CVE-2026-24343
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
Apache HertzBeat 安全漏洞
Apache HertzBeat is a tool developed by the Apache company that can monitor various components. Versions of Apache HertzBeat prior to 1.8.0 contained a security vulnerability, which was caused by improper data neutralization of XPath expressions, potentially leading to XPath injection attacks...
PT-2026-7141
Name of the Vulnerable Software and Affected Versions Apache HertzBeat versions 1.7.1 through 1.7.9 Description An issue exists in Apache HertzBeat related to improper neutralization of data within XPath expressions, potentially leading to XPath Injection. This could allow for crafted XPath...
EUVD-2024-54415
Malicious code in bioql PyPI...
CVE-2025-24404
XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat. The attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability. This issue affects Apache HertzBeat incubatin...
CVE-2025-24404
XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat. The attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability. This issue affects Apache HertzBeat incubatin...
CVE-2025-24404
XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat. The attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability. This issue affects Apache HertzBeat incubatin...
CVE-2025-48208
Improper Neutralization of Special Elements used in an LDAP Query 'LDAP Injection' vulnerability in Apache HertzBeat . The attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary...
Apache HertzBeat 注入漏洞
Apache HertzBeat is a tool from Apache USA that monitors various components. An injection vulnerability exists in Apache HertzBeat 1.7.2 and earlier versions, which stems from improper neutralization of special elements in an LDAP query, and could lead to an LDAP injection attack...
PT-2025-36719
Name of the Vulnerable Software and Affected Versions: Apache HertzBeat versions prior to 1.7.0 Description: An XML injection Remote Code Execution RCE vulnerability exists in Apache HertzBeat due to parsing of HTTP sitemap XML responses. An attacker with authenticated access can trigger the...
CVE-2024-45791
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: before 1.6.1. Users are recommended to upgrade to version 1.6.1, which fixes the issue...
CVE-2024-42323
SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat incubating. This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat incubating: before 1.6.0. Users are recommended to upgrade to version 1.6.0, which fixes the issue...
CVE-2024-45505
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache HertzBeat incubating. This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat incubating: before 1.6.1. Users are recommended to upgrade to versi...
CVE-2024-56736
Server-Side Request Forgery SSRF vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat incubating: before 1.7.0. Users are recommended to upgrade to version 1.7.0, which fixes the issue...
CVE-2024-56736
Server-Side Request Forgery SSRF vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat incubating: before 1.7.0. Users are recommended to upgrade to version 1.7.0, which fixes the issue...
CVE-2024-56736
Server-Side Request Forgery SSRF vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat incubating: before 1.7.0. Users are recommended to upgrade to version 1.7.0, which fixes the issue...