Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nexus vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2021-40143
Sonatype Nexus Repository 3.x up to and including 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance.
Sonatype Nexus Repository Manager 3
6.5
CVSSv3
CVE-2023-40347
Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.14 and previous versions does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to.
Jenkins Maven Artifact Choicelistprovider \\(nexus\\)
6.7
CVSSv3
CVE-2019-1767
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the malicious user to execute a...
Cisco Nx-os
6.4
CVSSv3
CVE-2019-1732
A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, which could lead to arbit...
Cisco Nx-os
Cisco Nx Os
6
CVSSv3
CVE-2019-1729
A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local malicious user to overwrite any file on the file system including system files. These file overwrites by the attacker are accomp...
Cisco Nx-os
6.7
CVSSv3
CVE-2019-1768
A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the malicious user to execute a...
Cisco Nx-os
4.8
CVSSv3
CVE-2018-10229
A hardware vulnerability in GPU memory modules allows malicious users to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.
Mozilla Firefox -
Google Chrome -
Lg Nexus 5 -
1 Github repository
7.5
CVSSv3
CVE-2023-20014
A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DNS requests. An attacker could exploit this vuln...
Cisco Nexus Dashboard
7.4
CVSSv3
CVE-2022-20860
A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote malicious user to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not valida...
Cisco Nexus Dashboard
9.8
CVSSv3
CVE-2022-20857
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote malicious user to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the D...
Cisco Nexus Dashboard
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »