
6 matches found

The Hacker News
added 2024/07/16 4:1 a.m., 59 views

CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. GeoServer is an open-source software server written in Java that...

CVSS 9.8, AI score 9.7, EPSS 0.99813
Exploits: 31
BDU FSTEC
added 2024/07/04 12:0 a.m., 5 views

The vulnerability of the application software interface of the GeoTools library, used for managing and publishing geospatial data on the OSGeo GeoServer server, allows a perpetrator to execute arbitrary code.

The vulnerability of the application software interface of the GeoTools library, used for managing and publishing geospatial data on the OSGeo GeoServer server, is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a...

CVSS 10, AI score 8.3, EPSS 0.99813
Exploits: 26, References: 7, Affected Software: 2
Tenable Nessus
added 2023/06/14 12:0 a.m., 22 views

Debian DSA-5426-1 : owslib - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5426 advisory. - OWSLib is a Python package for client programming with Open Geospatial Consortium (OGC) web service interface standards, and their related content models. OWSLib's XML...

CVSS 8.2, AI score 7.7, EPSS 0.00977
Exploits: 0, References: 6
UbuntuCve
added 2023/03/08 12:15 a.m., 21 views

CVE-2023-27476

OWSLib is a Python package for client programming with Open Geospatial Consortium (OGC) web service interface standards, and their related content models. OWSLib's XML parser (which supports both lxml and xml.etree) does not disable entity resolution, and could lead to arbitrary file reads from an...

CVSS 8.2, AI score 7, EPSS 0.00977
Exploits: 0, References: 5
CNNVD
added 2021/08/23 12:0 a.m., 3 views

PyWPS Code Issue Vulnerability

PyWPS is an implementation of the Web Processing Services standard of the Open Geospatial Consortium (OGC) standards organization. PyWPS is written in Python. A code issue vulnerability exists in PyWPS versions prior to 4.5.0 that stems from XML External Entity (XXE) injection in the software. This...

CVSS 7.5, AI score 7.4, EPSS 0.01524
Exploits: 0, References: 6
OSV
added 2011/08/01 7:55 p.m., 4 views

DEBIAN-CVE-2011-2703

Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) OGC filter encoding or (2) WMS time support...

CVSS 7.5, AI score 8.8, EPSS 0.02734
Exploits: 0, References: 1