Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
NaverNgrinder

3 matches found

CVE
CVEadded 2024/03/07 5:15 a.m.48 views

CVE-2024-28211

nGrinder before 3.5.9 allows connection to malicious JMX/RMI server by default, which could be the cause of executing arbitrary code via RMI registry by remote attacker.

9.8CVSS7.3AI score0.0415EPSS
CVE
CVEadded 2024/03/07 5:15 a.m.46 views

CVE-2024-28213

nGrinder before 3.5.9 allows to accept serialized Java objects from unauthenticated users, which could allow remote attacker to execute arbitrary code via unsafe Java objects deserialization.

9.8CVSS8.1AI score0.09752EPSS
CVE
CVEadded 2024/03/07 5:15 a.m.40 views

CVE-2024-28212

nGrinder before 3.5.9 uses old version of SnakeYAML, which could allow remote attacker to execute arbitrary code via unsafe deserialization.

9.8CVSS7.9AI score0.09747EPSS