141 matches found
Apache HertzBeat 1.8.0 - Remote Code Execution
Exploit Title: Apache HertzBeat 1.8.0 - Remote Code Execution Google Dork: N/A Date: 2026-03-09 Exploit Author: Brett Gervasoni Vendor Homepage: https://hertzbeat.apache.org/ Software Link: https://github.com/apache/hertzbeat/releases Version: 1.8.0 Tested on: Linux Docker; official HertzBeat...
CVE-2026-24343
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
CVE-2026-24343
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
CVE-2026-24343
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
CVE-2026-24343 Apache HertzBeat: Uncontrolled Resource Consumption via Crafted XPath Expressions
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
CVE-2026-24343
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
CVE-2026-24343
CVE-2026-24343 affects Apache HertzBeat up to 1.7.9; fixed in 1.8.0. The flaw is an improper neutralization of data within XPath expressions, i.e., an XPath Injection that can cause uncontrolled resource consumption. Affected versions: 1.7.1–1.7.9. Impact metrics indicate high risk (Network attac...
CVE-2026-24343 Apache HertzBeat: Uncontrolled Resource Consumption via Crafted XPath Expressions
Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue...
Apache HertzBeat 安全漏洞
Apache HertzBeat is a tool developed by the Apache company that can monitor various components. Versions of Apache HertzBeat prior to 1.8.0 contained a security vulnerability, which was caused by improper data neutralization of XPath expressions, potentially leading to XPath injection attacks...
PT-2026-7141
Name of the Vulnerable Software and Affected Versions Apache HertzBeat versions 1.7.1 through 1.7.9 Description An issue exists in Apache HertzBeat related to improper neutralization of data within XPath expressions, potentially leading to XPath Injection. This could allow for crafted XPath...
EUVD-2023-56362
Malicious code in bioql PyPI...
EUVD-2024-54415
Malicious code in bioql PyPI...
EUVD-2024-39571
Malicious code in bioql PyPI...
EUVD-2023-56108
Malicious code in bioql PyPI...
EUVD-2022-41813
Malicious code in bioql PyPI...
EUVD-2025-27245
Malicious code in bioql PyPI...
EUVD-2025-27244
Malicious code in bioql PyPI...
EUVD-2024-39570
Malicious code in bioql PyPI...
CVE-2025-24404
XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat. The attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability. This issue affects Apache HertzBeat incubatin...
CVE-2025-48208
Improper Neutralization of Special Elements used in an LDAP Query 'LDAP Injection' vulnerability in Apache HertzBeat . The attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary...