Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nexus vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-50768
A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and previous versions allows malicious users to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credential...
Jenkins Nexus Platform
4.3
CVSSv3
CVE-2023-50769
Missing permission checks in Jenkins Nexus Platform Plugin 3.18.0-03 and previous versions allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials ...
Jenkins Nexus Platform
7.8
CVSSv3
CVE-2019-12717
A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local malicious user to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insuff...
Cisco Nx-os
4.2
CVSSv3
CVE-2017-12336
A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local malicious user to escape the interactive TCL shell and gain unauthorized access to the underlying operating system of the device. The vulnerability exists due to insu...
Cisco Nx-os 8.1\\(1\\)s5
Cisco Nx-os 8.1\\(0\\)bd\\(0.20\\)
Cisco Nx-os 8.1\\(0.59\\)s0
Cisco Nx-os 8.1\\(0.2\\)s0
Cisco Nx-os 8.0\\(1\\)
Cisco Nx-os 6.0\\(2\\)a8\\(3\\)
Cisco Unified Computing System 7.0\\(0\\)hsk\\(0.357\\)
4.4
CVSSv3
CVE-2017-12332
A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local malicious user to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vul...
Cisco Unified Computing System 7.0\\(0\\)hsk\\(0.357\\)
Cisco Nx-os 8.1\\(1\\)
Cisco Nx-os 8.1\\(0\\)bd\\(0.20\\)
6.7
CVSSv3
CVE-2017-12341
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local malicious user to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input valid...
Cisco Unified Computing System 7.0\\(0\\)hsk\\(0.357\\)
Cisco Nx-os 8.1\\(1\\)
Cisco Nx-os 8.1\\(0.59\\)s0
8.6
CVSSv3
CVE-2019-1858
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote malicious user to cause the SNMP application to leak system memory, which could cause an affected device ...
Cisco Nx-os
Cisco Firepower Extensible Operating System
Cisco Fx-os
4.3
CVSSv3
CVE-2022-27907
Sonatype Nexus Repository Manager 3.x prior to 3.38.0 allows SSRF.
Sonatype Nexus Repository Manager
7.2
CVSSv3
CVE-2019-15588
There is an OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475) that could allow an attacker a Remote Code Execution (RCE). All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capabili...
Sonatype Nexus Repository Manager
2 Github repositories
4.3
CVSSv3
CVE-2021-34553
Sonatype Nexus Repository Manager 3.x prior to 3.31.0 allows a remote authenticated malicious user to get a list of blob files and read the content of a blob file (via a GET request) without having been granted access.
Sonatype Nexus Repository Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »