Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:30 a.m.9 views

CVE-2019-5475

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...

9CVSS7.3AI score0.18396EPSS
Exploits5References1
OSV
OSV
added 2019/11/01 3:15 p.m.20 views

CVE-2019-15588

There is an OS Command Injection in Nexus Repository Manager = 2.14.14 bypass CVE-2019-5475 that could allow an attacker a Remote Code Execution RCE. All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability...

7.2CVSS7.7AI score0.18396EPSS
Exploits5References2
Cvelist
Cvelist
added 2019/11/01 2:46 p.m.23 views

CVE-2019-15588

There is an OS Command Injection in Nexus Repository Manager = 2.14.14 bypass CVE-2019-5475 that could allow an attacker a Remote Code Execution RCE. All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability...

7.5AI score0.05602EPSS
Exploits3References2
CVE
CVE
added 2019/11/01 2:46 p.m.133 views

CVE-2019-15588

Summary (CVE-2019-15588) : Nexus Repository Manager versions up to 2.14.14 are affected by an OS command injection that can lead to remote code execution. The root cause involves untrusted data flowing into CommandLineExecutor.java, notably via the Yum Configuration Capability (createrepo/mergere...

9CVSS8AI score0.05602EPSS
Exploits3References2Affected Software1
Github Security Blog
Github Security Blog
added 2019/09/11 11:4 p.m.39 views

OS Command Injection in Nexus Yum Repository Plugin

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...

9CVSS3.1AI score0.18396EPSS
Exploits5References3Affected Software1
OSV
OSV
added 2019/09/11 11:4 p.m.25 views

GHSA-G5M7-57PH-J6P8 OS Command Injection in Nexus Yum Repository Plugin

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...

8.8CVSS7.8AI score0.18396EPSS
Exploits5References2
Hacker One
Hacker One
added 2019/09/05 3:25 a.m.94 views

Central Security Project: OS Command Injection in Nexus Repository Manager 2.x(bypass CVE-2019-5475)

OS Command Injection in Nexus Repository Manager 2.xbypass CVE-2019-5475 Maven artifact groupId: org.sonatype.nexus.plugins artifactId: nexus-yum-repository-plugin version: 2.14.14-01 Vulnerability Vulnerability Description The Nexus Yum Repository Plugin is vulnerable to Remote Code Execution. A...

9CVSS0.4AI score0.18396EPSS
Exploits5
NVD
NVD
added 2019/09/03 8:15 p.m.15 views

CVE-2019-5475

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...

9CVSS7.3AI score0.18396EPSS
Exploits5References1
OSV
OSV
added 2019/09/03 8:15 p.m.20 views

CVE-2019-5475

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...

8.8CVSS7.2AI score
Exploits0References1
Prion
Prion
added 2019/09/03 8:15 p.m.18 views

Remote code execution

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...

9CVSS7.8AI score0.18396EPSS
Exploits5References1Affected Software1
CVE
CVE
added 2019/09/03 7:13 p.m.200 views

CVE-2019-5475

CVE-2019-5475 is an OS command injection in the Nexus Yum Repository Plugin (Nexus Repository Manager) that can lead to Remote Code Execution. The vulnerability occurs in the Yum: Configuration capability when the capability’s payload data is not properly sanitized, allowing an attacker with admi...

9CVSS7.7AI score0.18396EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2019/09/03 7:13 p.m.41 views

CVE-2019-5475

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...

7.3AI score0.18396EPSS
Exploits5References1
Hacker One
Hacker One
added 2019/07/23 1:53 p.m.74 views

Central Security Project: OS Command Injection in Nexus Repository Manager 2.x

Maven artifact groupId: org.sonatype.nexus.plugins artifactId: nexus-yum-repository-plugin version: 2.14.9-01 Vulnerability Vulnerability Description The Nexus Yum Repository Plugin is vulnerable to Remote Code Execution. All instances using CommandLineExecutor.java with user-supplied data is...

9CVSS0.2AI score0.18396EPSS
Exploits5
0day.today
0day.today
added 2019/05/01 12:0 a.m.34 views

Yum Package Manager Persistence Exploit

This Metasploit module will run a payload when the package manager is used. No handler is run automatically so you must configure an appropriate exploit/multi/handler to connect. Module modifies a yum plugin to launch a binary of choice. grep -F 'enabled=1' /etc/yum/pluginconf.d/ will show what...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2019/04/30 12:0 a.m.28 views

Yum Package Manager Persistence

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Yum Package Manager Persistence', 'Description' = %q This module will run a payload when the package manager is used. No handler is ran...

Exploits0
RedHat Linux
RedHat Linux
added 2013/02/28 6:40 p.m.61 views

Important: Red Hat Security Advisory: rhev-hypervisor6 security, bug fix, and enhancement update

An updated rhev-hypervisor6 package that fixes three security issues, various bugs, and adds an enhancement is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

7.1CVSS6.5AI score0.21653EPSS
Exploits3References10
Rows per page
Query Builder