Lucene search
+L

12 matches found

redhatcve
redhatcve
added 2025/05/23 4:15 a.m.5 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.4AI score0.01141EPSS
Exploits1
veracode
veracode
added 2023/08/31 4:48 a.m.21 views

Path Traversal

PF4J is vulnerable to Path Traversal. The vulnerability exists in the extract function in Unzip.java due to a lack of path validation which allows an attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.3AI score0.01141EPSS
Exploits1References5Affected Software1
osv
osv
added 2023/08/29 12:32 a.m.3 views

GHSA-3R28-RGP9-QGV4 pf4j vulnerable to remote code execution via the zippluginPath parameter

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS6.2AI score0.01141EPSS
Exploits1References3
attackerkb
attackerkb
added 2023/08/28 10:15 p.m.3 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.5AI score0.01141EPSS
Exploits1References2
nvd
nvd
added 2023/08/28 10:15 p.m.25 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.7AI score0.01141EPSS
Exploits1References1
osv
osv
added 2023/08/28 10:15 p.m.4 views

DEBIAN-CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.8AI score0.01141EPSS
Exploits1References1
prion
prion
added 2023/08/28 10:15 p.m.9 views

Code injection

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

5CVSS7.7AI score0.01141EPSS
Exploits1References1Affected Software1
ubuntucve
ubuntucve
added 2023/08/28 10:15 p.m.14 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.4AI score0.01141EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2023/08/28 12:0 a.m.2 views

PT-2023-27656 · Pf4J +1 · Pf4J +1

Name of the Vulnerable Software and Affected Versions: pf4j versions 3.9.0 and earlier Description: An issue in pf4j allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter. Recommendations: For pf4j versions 3.9.0 and earlier, consider...

7.5CVSS7.7AI score0.01141EPSS
Exploits1References18
vulnrichment
vulnrichment
added 2023/08/28 12:0 a.m.15 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.4AI score0.01141EPSS
Exploits1References1
debiancve
debiancve
added 2023/08/28 12:0 a.m.16 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.7AI score0.01141EPSS
Exploits1
osv
osv
added 2023/08/28 12:0 a.m.16 views

CVE-2023-40826

An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter...

7.5CVSS7.7AI score0.01141EPSS
Exploits1References3
Rows per page
Query Builder