81 matches found

Positive Technologies
added 2026/06/12 12:0 a.m. | 14 views

PT-2026-49053

Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.26.4; GeoServer versions prior to 2.27.3. Description: An authenticated administrator with access to the security system can provide arbitrary absolute file paths to the Master Password Dump web page to create files...

7.2 CVSS | 8.2 AI score | 0.00353 EPSS
Exploits 0 | References 9

Github Security Blog
added 2026/06/11 8:34 p.m. | 10 views

GeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store Connection

Summary: Administrator can perform JNDI attack through specially crafted DB2 JDBC URL leading to Remote Code Execution (RCE). Impact: If GeoServer has DB2 extension installed, this vulnerability can lead to executing arbitrary code. Details: Authenticated users can access Vector Data Sources page to...

8.8 CVSS | 7.2 AI score | 0.01378 EPSS
Exploits 0 | References 3 | Affected Software 1

Veracode
added 2025/12/13 4:53 a.m. | 5 views

XML External Entity (XXE)

GeoServer is vulnerable to XML External Entity (XXE). The vulnerability is due to improper handling of XML entity resolution in schema parsing, which allows an attacker to exploit external entity references to access sensitive data or perform unauthorized actions...

9.9 CVSS | 5.3 AI score | 0.50825 EPSS
Exploits 1 | References 9 | Affected Software 2

The Hacker News
added 2025/12/12 5:1 a.m. | 19 views

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoServer to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2025-58360 CVSS...

9.8 CVSS | 7.1 AI score | 0.99813 EPSS
Exploits 29

NVD
added 2025/11/25 9:15 p.m. | 6 views

CVE-2025-58360

GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap...

9.8 CVSS | 0.66753 EPSS
Exploits 4 | References 3

Vulnrichment
added 2025/11/25 8:17 p.m. | 5 views

CVE-2025-58360 GeoServer is vulnerable to an Unauthenticated XML External Entities (XXE) attack via WMS GetMap feature

GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap...

8.2 CVSS | 6.5 AI score | 0.66753 EPSS
Exploits 4 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2024-0889

Malicious code in bioql PyPI...

4.8 CVSS | 6.4 AI score | 0.00426 EPSS
Exploits 0 | References 7

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-1623

Malicious code in bioql PyPI...

7.2 CVSS | 6.9 AI score | 0.01465 EPSS
Exploits 0 | References 4

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2024-0864

Malicious code in bioql PyPI...

4.8 CVSS | 6.3 AI score | 0.00426 EPSS
Exploits 0 | References 7

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2024-0917

Malicious code in bioql PyPI...

4.8 CVSS | 6.3 AI score | 0.00426 EPSS
Exploits 0 | References 7

EUVD
added 2025/10/03 8:7 p.m. | 22 views

EUVD-2023-2717

Malicious code in bioql PyPI...

8.6 CVSS | 5.5 AI score | 0.00514 EPSS
Exploits 0 | References 5

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-17814

Malicious code in bioql PyPI...

6.6 AI score
Exploits 0 | References 3

EUVD
added 2025/10/03 8:7 p.m. | 7 views

EUVD-2024-0920

Malicious code in bioql PyPI...

4.8 CVSS | 6.4 AI score | 0.00487 EPSS
Exploits 1 | References 6

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-2371

Malicious code in bioql PyPI...

4.9 CVSS | 6.4 AI score | 0.00397 EPSS
Exploits 0 | References 3

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-17684

Malicious code in bioql PyPI...

7.5 CVSS | 6.4 AI score | 0.00432 EPSS
Exploits 0 | References 4

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2024-0872

Malicious code in bioql PyPI...

4.8 CVSS | 5.1 AI score | 0.00405 EPSS
Exploits 0 | References 5

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-0890

Malicious code in bioql PyPI...

7.2 CVSS | 6.9 AI score | 0.01867 EPSS
Exploits 1 | References 7

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-0853

Malicious code in bioql PyPI...

6 CVSS | 6.4 AI score | 0.00694 EPSS
Exploits 1 | References 7

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2023-58069

Malicious code in bioql PyPI...

8.8 CVSS | 6 AI score | 0.00844 EPSS
Exploits 1 | References 3

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-3529

Malicious code in bioql PyPI...

5.3 CVSS | 8.5 AI score | 0.00698 EPSS
Exploits 1 | References 6