Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Nexus repository manager'
2022-03-30
CVE-2022-27907
CWE-918
Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF.
2022-03-17
CVE-2021-43961
CWE-74
Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection.
2021-11-04
CVE-2021-43293
CWE-918
Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery (SSRF).
2021-11-02
CVE-2021-42568
CWE-200
Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to access the SSL Certificates Loading function via a low-privileged account.
2021-08-10
CVE-2021-37152
CWE-79
Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager�??s pages with code modifications.
2021-06-18
CVE-2021-34553
CWE-22
Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a remote authenticated attacker to get a list of blob files and read the content of a blob file (via a GET request) without having been granted access.
2021-04-28
CVE-2021-29159
CWE-79
A cross-site scripting (XSS) vulnerability has been discovered in Nexus Repository Manager 3.x before 3.30.1. An attacker with a local account can create entities with crafted properties that, when viewed by an administrator, can execute arbitrary JavaScript in the context of the NXRM application.
2021-04-27
CVE-2021-30635
CWE-22
Sonatype Nexus Repository Manager 3.x before 3.30.1 allows a remote attacker to get a list of files and directories that exist in a UI-related folder via directory traversal (no customer-specific data is exposed).
2020-12-17
CVE-2020-29436
CWE-611
Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.29.0.
2020-08-12
CVE-2020-15868
CWE-863
Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control.
Copyright
2024
, cxsecurity.com
Back to Top
Podatności dla 'Nexus repository manager' 
Polish
English