Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
objectfirst object first vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-44796
An issue exists in Object First Ootbi BETA build 1.0.7.712. The authorization service has a flow that allows getting access to the Web UI without knowing credentials. For signing, the JWT token uses a secret key that is generated through a function that doesn't produce crypt...
Objectfirst Object First
8.8
CVSSv3
CVE-2022-44794
An issue exists in Object First Ootbi BETA build 1.0.7.712. Management protocol has a flow which allows a remote malicious user to execute arbitrary Bash code with root privileges. The command that sets the hostname doesn't validate input parameters. As a result, arbitrary d...
Objectfirst Object First
6.5
CVSSv3
CVE-2022-44795
An issue exists in Object First Ootbi BETA build 1.0.7.712. A flaw was found in the Web Service, which could lead to local information disclosure. The command that creates the URL for the support bundle uses an insecure RNG. That can lead to prediction of the generated URL. As a ...
Objectfirst Object First
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started