CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

392 matches found

JFrog Artifactory 6.7.3 - Admin Login Bypass

JFrog Artifactory 6.7.3 is vulnerable to an admin login bypass issue because by default the access-admin account is used to reset the password of the admin account. While this is only allowable from a connection directly from localhost, providing an X-Forwarded-For HTTP header to the request allo...

9.8CVSS7.3AI score0.91697EPSS

Exploits3References5

RedhatCVE•added 2026/01/09 9:21 a.m.•6 views

CVE-2021-41834

JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control, the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment due to improper permissions validation...

6.5CVSS6.7AI score0.0018EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:12 a.m.•5 views

CVE-2022-0668

JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a specially crafted request is sent by an unauthenticated user...

9.8CVSS7AI score0.00254EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:41 a.m.•10 views

CVE-2022-0573

JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted request is sent by a low privileged authenticated user due to insufficient validation of a...

8.8CVSS7.3AI score0.0592EPSS

Exploits0References1

RedhatCVE•added 2026/01/05 9:22 a.m.•4 views

CVE-2025-14830

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in JFrog Artifactory Workers allows Cross-Site Scripting XSS.This issue affects Artifactory Workers: from =7.94.0 through 7.117.10...

4.9CVSS5.8AI score0.00029EPSS

Exploits0References1

Tenable Nessus•added 2026/01/05 12:0 a.m.•2 views

JFrog Artifactory Artifacts Repository Detected

JFrog Artifactory is a popular repository management tool used to store and manage software artifacts. If the Artifacts repository is detected and accessible, it may expose sensitive information or allow unauthorized access to stored artifacts. No source data...

6.5AI score

Exploits0References1

NVD•added 2026/01/04 10:15 a.m.•1 views

CVE-2025-14830

4.9CVSS0.00029EPSS

Exploits0References1

EUVD•added 2026/01/04 9:17 a.m.•1 views

EUVD-2026-0780

4.9CVSS5.3AI score0.00029EPSS

Exploits0References2

Cvelist•added 2026/01/04 9:17 a.m.•15 views

CVE-2025-14830 JFrog Artifactory Cross-Site Scripting

4.9CVSS0.00029EPSS

Exploits0References1

Vulnrichment•added 2026/01/04 9:17 a.m.•1 views

CVE-2025-14830 JFrog Artifactory Cross-Site Scripting

4.9CVSS5.9AI score0.00029EPSS

Exploits0References1

CVE•added 2026/01/04 9:17 a.m.•11 views

CVE-2025-14830

CVE-2025-14830 affects JFrog Artifactory (Workers) versions 7.94.0 through 7.117.9 (and 7.117.10 as the fixed point referenced) due to improper neutralization of input during web page generation, resulting in Cross-Site Scripting (XSS). Root cause: inadequate input handling in the web page genera...

4.9CVSS5.5AI score0.00029EPSS

Exploits0References1

CNNVD•added 2026/01/04 12:0 a.m.•2 views

JFrog Artifactory Workers 跨站脚本漏洞

JFrog Artifactory Workers is an extension service from JFrog USA. A cross-site scripting vulnerability exists in JFrog Artifactory Workers versions 7.94.0 through prior to 7.117.10, which stems from improper input neutralization during web page generation and could lead to cross-site scripting...

4.9CVSS6AI score0.00029EPSS

Exploits0References2

Positive Technologies•added 2026/01/04 12:0 a.m.•2 views

PT-2026-1151

Name of the Vulnerable Software and Affected Versions JFrog Artifactory Workers versions 7.94.0 through 7.117.9 Description An issue exists in JFrog Artifactory Workers that allows for Cross-Site Scripting XSS. This is due to improper neutralization of input during web page generation. The issue...

4.9CVSS6AI score0.00029EPSS

Exploits0References4

EUVD•added 2025/12/30 5:5 p.m.•2 views

EUVD-2025-205827

Malicious code in @ptest2535/artifactory-demo-ptest npm...

6.6AI score

Exploits0References1

OSV•added 2025/12/30 5:5 p.m.•2 views

MAL-2025-192979 Malicious code in @ptest2535/artifactory-demo-ptest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 179d121743e4ae61b32780c6a0ea72f57b23796b21513e57f998da725dd49318 The package @ptest2535/artifactory-demo-ptest was found to contain malicious code. Source: ghsa-malware...

6.8AI score

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-27097

Malware in sbrugna...

8.8CVSS8.5AI score0.00247EPSS

Exploits3References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-10274

Malware in sbrugna...

8.8CVSS8.6AI score0.00068EPSS

Exploits0References3