Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonatype nexus repository manager vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2019-16530
Sonatype Nexus Repository Manager 2.x prior to 2.14.15 and 3.x prior to 3.19, and IQ Server prior to 72, has remote code execution.
Sonatype Nexus Repository Manager
Sonatype Nexus Iq Server
578
VMScore
CVE-2019-15893
Sonatype Nexus Repository Manager 2.x prior to 2.14.15 allows Remote Code Execution.
Sonatype Nexus Repository Manager
802
VMScore
CVE-2019-5475
The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.
Sonatype Nexus Repository Manager
4 Github repositories
312
VMScore
CVE-2019-14469
In Nexus Repository Manager prior to 3.18.0, users with elevated privileges can create stored XSS.
Sonatype Nexus Repository Manager
445
VMScore
CVE-2019-9630
Sonatype Nexus Repository Manager prior to 3.17.0 has a weak default of giving any unauthenticated user read permissions on the repository files and images.
Sonatype Nexus Repository Manager
668
VMScore
CVE-2019-9629
Sonatype Nexus Repository Manager prior to 3.17.0 establishes a default administrator user with weak defaults (fixed credentials).
Sonatype Nexus Repository Manager
383
VMScore
CVE-2019-11629
Sonatype Nexus Repository Manager 2.x prior to 2.14.13 allows XSS.
Sonatype Nexus Repository Manager
670
VMScore
CVE-2019-7238
Sonatype Nexus Repository Manager prior to 3.15.0 has Incorrect Access Control.
Sonatype Nexus
9 Github repositories
580
VMScore
CVE-2018-16621
Sonatype Nexus Repository Manager prior to 3.14 allows Java Expression Language Injection.
Sonatype Nexus Repository Manager
383
VMScore
CVE-2018-16619
Sonatype Nexus Repository Manager prior to 3.14 allows XSS.
Sonatype Nexus Repository Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »