CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...

8.4CVSS8.1AI score0.03587EPSS

Exploits0References4

RedhatCVE•added 2024/03/12 8:8 p.m.•16 views

CVE-2024-27758

8.5CVSS6.9AI score0.03587EPSS

Exploits0References4

OSV•added 2024/03/12 4:15 p.m.•15 views

CVE-2024-27758

8.4CVSS8AI score

Exploits0References2

OSV•added 2024/03/12 4:15 p.m.•0 views

DEBIAN-CVE-2024-27758

8.4CVSS8.3AI score0.03587EPSS

Exploits0References1

Prion•added 2024/03/12 4:15 p.m.•13 views

Remote code execution

7.5AI score0.03587EPSS

Exploits0References2

OSV•added 2024/03/12 4:15 p.m.•0 views

UBUNTU-CVE-2024-27758

8.4CVSS6.1AI score0.03587EPSS

Exploits0References6

UbuntuCve•added 2024/03/12 4:15 p.m.•23 views

CVE-2024-27758

8.4CVSS7.4AI score0.03587EPSS

Exploits0References5

PyPA•added 2024/03/12 4:15 p.m.•4 views

PYSEC-2024-44

8.4CVSS7.7AI score0.03587EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/03/12 12:0 a.m.•16 views

CVE-2024-27758

7.5AI score0.03587EPSS

Exploits0References2

Debian CVE•added 2024/03/12 12:0 a.m.•18 views

CVE-2024-27758

8.4CVSS8.6AI score0.03587EPSS

Exploits0

Veracode•added 2024/03/07 7:10 a.m.•16 views

Arbitrary Code Execution

RPyC is vulnerable to arbitrary code execution. The vulnerability is due to a flaw in the handling of the array attribute specifically when the server-side exposes a method that calls the attribute array for a client provided netref e.g., np.arrayclientnetref. A remote attacker can exploit this b...

8.4CVSS7.8AI score0.03587EPSS

Exploits0

Positive Technologies•added 2024/03/06 12:0 a.m.•2 views

PT-2024-2537 · Rpyc +1 · Rpyc +1

Name of the Vulnerable Software and Affected Versions: RPyC versions prior to 6.0.0 Description: The issue is related to the netref component of the RPyC Python library, which has an incorrect security check for standard elements. This can allow a remote attacker to execute arbitrary code by...

8.4CVSS8AI score0.03587EPSS

Exploits0References27

seebug.org•added 2014/07/01 12:0 a.m.•13 views

Netref 3.0 Index.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15862/info Netref is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromi...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•8 views

Netref 4.0 - Multiple Remote SQL Injection Vulnerabilities

No description provided by source. SuB-ZeRo Dz-hackers Netref 4.0 Remote SQL Injection Vulnerability ----------------------------------------------------------------------------------------------------------- +Discovred by : SuB-ZeRo +Vendor URL : www.netref.net +downloader :...

7.1AI score

Exploits0

NVD•added 2008/12/15 6:0 p.m.•9 views

CVE-2008-5561

SQL injection vulnerability in Netref 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to 1 ficheproduct.php and 2 presentation.php...

7.5CVSS8.4AI score0.00414EPSS

Exploits1References4

Prion•added 2008/12/15 6:0 p.m.•18 views

Sql injection

SQL injection vulnerability in Netref 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to 1 ficheproduct.php and 2 presentation.php...

7.5CVSS9.1AI score0.00414EPSS

Exploits1References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by