Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonatype nexus repository manager 3 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-15870
Sonatype Nexus Repository Manager OSS/Pro versions prior to 3.25.1 allow XSS (Issue 2 of 2).
Sonatype Nexus Repository Manager 3
605
VMScore
CVE-2020-15871
Sonatype Nexus Repository Manager OSS/Pro version prior to 3.25.1 allows Remote Code Execution.
Sonatype Nexus Repository Manager 3
383
VMScore
CVE-2020-15869
Sonatype Nexus Repository Manager OSS/Pro versions prior to 3.25.1 allow XSS (issue 1 of 2).
Sonatype Nexus Repository Manager 3
356
VMScore
CVE-2020-11415
An issue exists in Sonatype Nexus Repository Manager 2.x prior to 2.14.17 and 3.x prior to 3.22.1. Admin users can retrieve the LDAP server system username/password (as configured in nxrm) in cleartext.
Sonatype Nexus Repository Manager
578
VMScore
CVE-2020-11753
An issue exists in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is possible for a user with appropriate privileges to create, modify, and execute scripting tasks without use of the UI or API. NOTE: in 3.22.0, scripting is disabled by default (making this no...
Sonatype Nexus Repository Manager 3 3.22.0
Sonatype Nexus Repository Manager 3 3.21.1
580
VMScore
CVE-2020-11444
Sonatype Nexus Repository Manager 3.x up to and including 3.21.2 has Incorrect Access Control.
Sonatype Nexus
3 Github repositories
801
VMScore
CVE-2019-16530
Sonatype Nexus Repository Manager 2.x prior to 2.14.15 and 3.x prior to 3.19, and IQ Server prior to 72, has remote code execution.
Sonatype Nexus Repository Manager
Sonatype Nexus Iq Server
312
VMScore
CVE-2018-12100
Sonatype Nexus Repository Manager versions 3.x prior to 3.12.0 has XSS in multiple areas in the Administration UI.
Sonatype Nexus Repository Manager
383
VMScore
CVE-2018-5306
Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus Repository Manager (aka NXRM) 3.x prior to 3.8 allow remote malicious users to inject arbitrary web script or HTML via (1) the repoId or (2) format parameter to service/siesta/healthcheck/healthCheckFileDetail/...
Sonatype Nexus Repository Manager
383
VMScore
CVE-2018-5307
Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus Repository Manager (aka NXRM) 2.x prior to 2.14.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the repoId or (2) format parameter to service/siesta/healthcheck/healthCheckFileDeta...
Sonatype Nexus Repository Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2