Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
πŸ”₯ Daily Hot!
πŸ’ͺ🏽 CPE Enhanced Advisories
πŸ•Ά Shadow Exploits
πŸ•΅πŸΌ Vulners CPE
πŸ” Security news
πŸ’» Exploit updates
πŸ“‘ Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
πŸ€– AI High Score
πŸ“° CVE Feed
show all

3 matches found

Prion
Prionβ€’added 2023/11/16 4:15 p.m.β€’23 views

Design/Logic Flaw

An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature...

7.5CVSS8.2AI score0.68243EPSS
Exploits1References1
CVE
CVEβ€’added 2023/11/16 4:6 p.m.β€’97 views

CVE-2023-6038

CVE-2023-6038 describes a Local File Inclusion in the h2o-3 REST API (ImportFiles and ParseSetup endpoints). An unauthenticated attacker can read arbitrary files on the server with the h2o-3 process’s user permissions. Affected version identified in sources is 3.40.0.4. The issue is severity high...

9.3CVSS8.4AI score0.63282EPSS
In wildExploits1References1Affected Software1
CVE
CVEβ€’added 2023/11/16 4:6 p.m.β€’48 views

CVE-2023-6016

CVE-2023-6016 affects H2O Dashboard via POJO model import, enabling remote code execution on a server hosting the dashboard. The vulnerability is described as a high-severity, network-exploitable issue with no user interaction required, per the NVD metrics (CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I...

10CVSS9.9AI score0.68243EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder