Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 11:25 a.m.5 views

CVE-2021-28154

Camunda Modeler aka camunda-modeler through 4.6.0 allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile and writeFile APIs. NOTE: the vendor states "The way we secured the app is that it...

9.1CVSS6.9AI score0.01481EPSS
Exploits1References1
OSV
OSVadded 2021/03/11 10:15 p.m.5 views

CVE-2021-28154

Camunda Modeler aka camunda-modeler through 4.6.0 allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile and writeFile APIs. NOTE: the vendor states "The way we secured the app is that it...

9.1CVSS7AI score
Exploits0References1
Prion
Prionadded 2021/03/11 10:15 p.m.17 views

Design/Logic Flaw

DISPUTED Camunda Modeler aka camunda-modeler through 4.6.0 allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile and writeFile APIs. NOTE: the vendor states "The way we secured the app is...

6.4CVSS9.1AI score0.01481EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2021/03/11 9:14 p.m.82 views

CVE-2021-28154

Camunda Modeler (aka camunda-modeler) ≤ 4.6.0 is affected by an arbitrary file access flaw in the ipcRenderer interface. A remote attacker can send a crafted IPC message to manipulate readFile and writeFile, potentially exposing partial file contents or allowing unauthorized writes. The issue is ...

9.1CVSS9AI score0.01481EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2021/03/11 9:14 p.m.15 views

CVE-2021-28154

Camunda Modeler aka camunda-modeler through 4.6.0 allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile and writeFile APIs. NOTE: the vendor states "The way we secured the app is that it...

9.3AI score0.01481EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2021/03/11 12:0 a.m.6 views

PT-2021-17779 · Camunda · Camunda Modeler

Name of the Vulnerable Software and Affected Versions: Camunda Modeler versions through 4.6.0 Description: The issue allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile and writeFile API...

9.1CVSS7.2AI score0.01481EPSS
Exploits1References5
CNNVD
CNNVDadded 2021/03/11 12:0 a.m.5 views

Nico Rehwaldt camunda-modeler 安全漏洞

Nico Rehwaldt camunda-modeler is a Nico Rehwaldt open source application. Provides an integrated modeling solution for BPMN and DMN based on bpmn.io. A security vulnerability exists in Nico Rehwaldt camunda-modeler version 4.6.0 and earlier versions that allows arbitrary file access...

9.1CVSS8.4AI score0.01481EPSS
Exploits1References2
Rows per page
Query Builder