30 matches found
EUVD-2024-1128
Malicious code in bioql PyPI...
CVE-2024-43441
Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue...
CVE-2024-27349
Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
CVE-2024-27348
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
Apache HugeGraph-Server: Fixed JWT Token (Secret)
Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue...
GHSA-F697-GM3H-XRF9 Apache HugeGraph-Server: Fixed JWT Token (Secret)
Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue...
CVE-2024-43441
Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue...
CVE-2024-43441
Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue...
CVE-2024-43441
Apache HugeGraph-Server
CVE-2024-43441 Apache HugeGraph-Server: Fixed JWT Token(Secret)
Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue...
Metasploit Weekly Wrap-Up 08/16/2024
New module content 3 Apache HugeGraph Gremlin RCE Authors: 6right and jheysel-r7 Type: Exploit Pull request: 19348 contributed by jheysel-r7 Path: linux/http/apachehugegraphgremlinrce AttackerKB reference: CVE-2024-27348 Description: Adds an Apache HugeGraph Server exploit for GHSA-29rc-vq7f-x335...
PT-2024-10202 · Apache · Apache Hugegraph-Server
Name of the Vulnerable Software and Affected Versions: Apache HugeGraph-Server versions 1.0.0 through 1.5.0 Description: The issue is related to an authentication bypass vulnerability in Apache HugeGraph-Server, which can be exploited by remote attackers to execute arbitrary code. This...
The Bug Report - June 2024 Edition
The Bug Report - June 2024 Edition By Jonathan Omakun & Tobi Olawale · June 27, 2024 Why am I Here Welcome back to The Bug Report, the "so hot the server fans are sweating" edition! For those who are new to our monthly adventure, every month, our dedicated Advanced Research Center vulnerability...
Exploit for Improper Access Control in Apache Hugegraph
CVE-2024-27348 🪶 CVE-2024-27348 Proof of concept Exploit RCE...
Apache HugeGraph-Server Security Bypass Vulnerability
Apache HugeGraph-Server is the United States Apache Apache Foundation of a fast, scalable graph database. A security bypass vulnerability exists in Apache HugeGraph-Server, which can be exploited by an attacker to bypass whitelisting by sending specially crafted requests in authentication mode...
Apache HugeGraph-Server: Command execution in gremlin
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
GHSA-6MGP-P75R-VHJM Apache HugeGraph-Server: Bypass whitelist in Auth mode
Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
GHSA-29RC-VQ7F-X335 Apache HugeGraph-Server: Command execution in gremlin
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue...
Apache HugeGraph-Server: Bypass whitelist in Auth mode
Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...
CVE-2024-27349
Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue...