Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nuxeo vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2017-5869
Directory traversal vulnerability in the file import feature in Nuxeo Platform 6.0, 7.1, 7.2, and 7.3 allows remote authenticated users to upload and execute arbitrary JSP code via a .. (dot dot) in the X-File-Name header.
Nuxeo Nuxeo 6.0
Nuxeo Nuxeo 7.1
Nuxeo Nuxeo 7.2
Nuxeo Nuxeo 7.3
1 EDB exploit
7.5
CVSSv2
CVE-2013-4521
RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deserialization methods can be called, which allows remote malicious users to execute arbitrary code via crafted serialized data. NOTE: this vulnerability m...
Nuxeo Nuxeo 5.6.0
Nuxeo Nuxeo 5.8.0
NA
CVE-2021-32828
The Nuxeo Platform is an open source content management platform for building business applications. In version 11.5.109, the `oauth2` REST API is vulnerable to Reflected Cross-Site Scripting (XSS). This XSS can be escalated to Remote Code Execution (RCE) by levering the automati...
Hyland Nuxeo
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started