CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2025/05/23 4:15 a.m.•4 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.4AI score0.01141EPSS

Exploits1

Veracode•added 2023/08/31 4:48 a.m.•19 views

Path Traversal

PF4J is vulnerable to Path Traversal. The vulnerability exists in the extract function in Unzip.java due to a lack of path validation which allows an attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.3AI score0.01141EPSS

Exploits1References5Affected Software1

OSV•added 2023/08/29 12:32 a.m.•1 views

GHSA-3R28-RGP9-QGV4 pf4j vulnerable to remote code execution via the zippluginPath parameter

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS6.2AI score0.01141EPSS

Exploits1References3

ATTACKERKB•added 2023/08/28 10:15 p.m.•0 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.5AI score0.01141EPSS

Exploits1References2

NVD•added 2023/08/28 10:15 p.m.•13 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.7AI score0.01141EPSS

Exploits1References1

OSV•added 2023/08/28 10:15 p.m.•1 views

DEBIAN-CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.8AI score0.01141EPSS

Exploits1References1

OSV•added 2023/08/28 10:15 p.m.•13 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.7AI score

Exploits0References1

UbuntuCve•added 2023/08/28 10:15 p.m.•10 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.4AI score0.01141EPSS

Exploits1References2

Prion•added 2023/08/28 10:15 p.m.•8 views

Code injection

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

5CVSS7.7AI score0.01141EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2023/08/28 12:0 a.m.•2 views

PT-2023-27656 · Pf4J +1 · Pf4J +1

Name of the Vulnerable Software and Affected Versions: pf4j versions 3.9.0 and earlier Description: An issue in pf4j allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter. Recommendations: For pf4j versions 3.9.0 and earlier, consider...

7.5CVSS7.7AI score0.01141EPSS

Exploits1References18

Vulnrichment•added 2023/08/28 12:0 a.m.•14 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.4AI score0.01141EPSS

Exploits1References1

Debian CVE•added 2023/08/28 12:0 a.m.•14 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.7AI score0.01141EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by