Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.7 views

CVE-2022-37423

Neo4j APOC Awesome Procedures on Cypher before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream...

7.5CVSS6.9AI score0.01323EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-0819

Malware in sbrugna...

10CVSS9AI score0.01873EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 2:39 a.m.11 views

CVE-2023-23926

APOC Awesome Procedures on Cypher is an add-on library for Neo4j. An XML External Entity XXE vulnerability found in the apoc.import.graphml procedure of APOC core plugin prior to version 5.5.0 and 4.4.0.14 4.4 branch in Neo4j graph database. XML External Entity XXE injection occurs when the XML...

8.1CVSS6.9AI score0.00889EPSS
Exploits0References1
OSV
OSV
added 2025/04/09 5:6 a.m.10 views

MAL-2025-3195 Malicious code in neo4j-apoc-procedures (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ae32122ca71a7a075fce5993dbcdceca009308664157c1655b4b3897e205f3c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/09 5:6 a.m.4 views

Malicious code in neo4j-apoc-procedures (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ae32122ca71a7a075fce5993dbcdceca009308664157c1655b4b3897e205f3c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/09 5:2 a.m.6 views

Malicious code in neo4j-apoc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 446dfffd9d2f4e171ae7e9e3d88c997b8c9c9437d3f9c6b47174ad17ac40a651 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/04/09 5:2 a.m.11 views

MAL-2025-3194 Malicious code in neo4j-apoc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 446dfffd9d2f4e171ae7e9e3d88c997b8c9c9437d3f9c6b47174ad17ac40a651 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2023/02/24 5:39 p.m.4 views

com.buschmais.jqassistant.cli:jqassistant-commandline-neo4jv3 (>=1.4.0 <=1.7.0-RC1), com.buschmais.jqassistant.neo4jserver:neo4jv3 (>=1.4.0 <=1.7.0-RC1) +10 more potentially affected by CVE-2023-23926 via org.neo4j.procedure:apoc (>=3.4.0.1 <=3.5.0.7)

org.neo4j.procedure:apoc MAVEN version =3.4.0.1, =1.4.0, =1.4.0, =1.4.0, =1.8.0, =1.10.0 - org.jqassistant.contrib.plugin:jqassistant-plantuml-rule-plugin =1.7.0 Source cves: CVE-2023-23926 Source advisory: OSV:GHSA-9VX8-F5C4-862X...

8.1CVSS7.2AI score0.00889EPSS
Exploits0
OSV
OSV
added 2023/02/24 5:39 p.m.28 views

GHSA-9VX8-F5C4-862X XML External Entity (XXE) vulnerability in apoc.import.graphml

Impact A XML External Entity XXE vulnerability found in the apoc.import.graphml procedure of APOC core plugin in Neo4j graph database. XML External Entity XXE injection occurs when the XML parser allows external entities to be resolved. The XML parser used by the apoc.import.graphml procedure was...

5.9CVSS6.9AI score0.00889EPSS
Exploits0References6
OSV
OSV
added 2023/02/16 8:46 p.m.29 views

GHSA-6WXG-WH7F-RQPR XML External Entity (XXE) vulnerability in apoc.import.graphml

Impact A XML External Entity XXE vulnerability found in the apoc.import.graphml procedure of APOC core plugin in Neo4j graph database. XML External Entity XXE injection occurs when the XML parser allows external entities to be resolved. The XML parser used by the apoc.import.graphml procedure was...

5.9CVSS6.9AI score0.00889EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2023/01/14 12:29 a.m.15 views

CVE-2022-23532 neo4j-apoc-procedures is vulnerable to path traversal

APOC Awesome Procedures on Cypher is an add-on library for Neo4j that provides hundreds of procedures and functions. A path traversal vulnerability found in the apoc.export. procedures of apoc plugins in Neo4j Graph database. The issue allows a malicious actor to potentially break out of the...

7.1CVSS7.1AI score0.00658EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/01/14 12:29 a.m.41 views

CVE-2022-23532 neo4j-apoc-procedures is vulnerable to path traversal

APOC Awesome Procedures on Cypher is an add-on library for Neo4j that provides hundreds of procedures and functions. A path traversal vulnerability found in the apoc.export. procedures of apoc plugins in Neo4j Graph database. The issue allows a malicious actor to potentially break out of the...

7.1CVSS7.1AI score0.00658EPSS
Exploits0References2
Veracode
Veracode
added 2018/12/21 3:14 a.m.21 views

XML External Entity Injection (XXE)

neo4j-apoc-procedures is susceptible to XML external entity injection XXE. The vulnerability is caused due to the way XML parser processes XML input containing a reference to an external entity using a weak configuration...

10CVSS9.3AI score0.01873EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/12/20 10:2 p.m.11 views

GHSA-R2PP-X4MM-4999 XML External Entity (XXE) vulnerability in neo4j.procedure:apoc

neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity XXE vulnerability in XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 45bc09c...

10CVSS5.9AI score0.01873EPSS
Exploits0References3
Prion
Prion
added 2018/12/20 3:29 p.m.21 views

Xxe

neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity XXE vulnerability in XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 45bc09c...

7.5CVSS9.4AI score0.01873EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2018/12/20 12:0 a.m.5 views

PT-2018-9544 · Neo4J Contrib · Neo4J-Apoc-Procedures

Name of the Vulnerable Software and Affected Versions: neo4j-contrib neo4j-apoc-procedures versions before commit 45bc09c Description: The issue is related to a XML External Entity XXE vulnerability in the XML Parser. This can result in disclosure of confidential data, denial of service,...

10CVSS9.2AI score0.01873EPSS
Exploits0References5
Rows per page
Query Builder