216 matches found
JFrog Artifactory 6.7.3 - Admin Login Bypass
JFrog Artifactory 6.7.3 is vulnerable to an admin login bypass issue because by default the access-admin account is used to reset the password of the admin account. While this is only allowable from a connection directly from localhost, providing an X-Forwarded-For HTTP header to the request allo...
CVE-2021-41834
JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control, the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment due to improper permissions validation...
CVE-2022-0668
JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a specially crafted request is sent by an unauthenticated user...
CVE-2022-0573
JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted request is sent by a low privileged authenticated user due to insufficient validation of a...
CVE-2025-14830
CVE-2025-14830 affects JFrog Artifactory (Workers) versions 7.94.0 through 7.117.9 (and 7.117.10 as the fixed point referenced) due to improper neutralization of input during web page generation, resulting in Cross-Site Scripting (XSS). Root cause: inadequate input handling in the web page genera...
JFrog Artifactory Workers 跨站脚本漏洞
JFrog Artifactory Workers is an extension service from JFrog USA. A cross-site scripting vulnerability exists in JFrog Artifactory Workers versions 7.94.0 through prior to 7.117.10, which stems from improper input neutralization during web page generation and could lead to cross-site scripting...
PT-2026-1151
Name of the Vulnerable Software and Affected Versions JFrog Artifactory Workers versions 7.94.0 through 7.117.9 Description An issue exists in JFrog Artifactory Workers that allows for Cross-Site Scripting XSS. This is due to improper neutralization of input during web page generation. The issue...
EUVD-2018-11638
Malware in sbrugna...
EUVD-2016-7423
Malware in sbrugna...
EUVD-2018-1879
Malware in sbrugna...
EUVD-2019-9525
Malware in sbrugna...
EUVD-2021-27097
Malware in sbrugna...
EUVD-2018-1958
Malware in sbrugna...
EUVD-2021-10274
Malware in sbrugna...
EUVD-2021-32449
Malicious code in bioql PyPI...
EUVD-2024-27203
Malicious code in bioql PyPI...
EUVD-2024-47902
Malicious code in bioql PyPI...
EUVD-2023-46941
Malicious code in bioql PyPI...
EUVD-2023-47095
Malicious code in bioql PyPI...
EUVD-2024-32702
Malicious code in bioql PyPI...