CVE-2024-27920

projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing cust...

CVE-2024-27920

The CVE covers projectdiscovery/nuclei where unsigned code templates could be executed via workflows in Nuclei v3. root cause: oversight in workflow execution that allows executing unsigned templates. Impact: local execution with high severity per listed metrics; effects are mitigation-dependent ...

CVE-2024-27920 Unsigned code template execution through workflows in projectdiscovery/nuclei

projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing cust...

CVE-2024-27920 Unsigned code template execution through workflows in projectdiscovery/nuclei

projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing cust...

GHSA-W5WX-6G2R-R78Q Nuclei allows unsigned code template execution through workflows

Overview A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user's system. This...

Microsoft SharePoint Workflow Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of custom workflows. The issue results from the lack of proper validation ...

Workshop: AWS S3 Bucket for Malware Scanning

In this workshop, you will learn how to scan your objects that are being uploaded to Amazon S3 buckets for malware and integrate into your custom workflows, by automating with your current resources, directly in your AWS environment...

Workshop: AWS S3 Bucket for Malware Scanning

In this workshop, you will learn how to scan your objects that are being uploaded to Amazon S3 buckets for malware and integrate into your custom workflows, by automating with your current resources, directly in your AWS environment...