Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
groovy vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23639
Micronaut Framework is a modern, JVM-based, full stack Java framework designed for building modular, easily testable JVM applications with support for Java, Kotlin and the Groovy language. Enabled but unsecured management endpoints are susceptible to drive-by localhost attacks. W...
Objectcomputing Micronaut
NA
CVE-2023-52251
An issue discovered in provectus kafka-ui 0.4.0 up to and including 0.7.1 allows remote malicious users to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.
Provectus Ui
1 Github repository
NA
CVE-2023-50572
An issue in the component GroovyEngine.execute of jline-groovy v3.24.1 allows malicious users to cause an OOM (OutofMemory) error.
Jline Jline 3.24.1
1 Github repository
NA
CVE-2023-46131
Grails is a framework used to build web applications with the Groovy programming language. A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework application using Grails data binding is vulnerable. This issue has been patched in versio...
Grails Grails
NA
CVE-2023-50721
XWiki Platform is a generic wiki platform. Starting in 4.5-rc-1 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, the search administration interface doesn't properly escape the id and label of search user interface extensions, allowing the injection of XWiki syntax con...
Xwiki Xwiki 15.6
Xwiki Xwiki 15.7
Xwiki Xwiki
NA
CVE-2023-50765
A missing permission check in Jenkins Scriptler Plugin 342.v6a_89fd40f466 and previous versions allows attackers with Overall/Read permission to read the contents of a Groovy script by knowing its ID.
Jenkins Scriptler
NA
CVE-2023-48292
The XWiki Admin Tools Application provides tools to help the administration of XWiki. Starting in version 4.4 and prior to version 4.5.1, a cross site request forgery vulnerability in the admin tool for executing shell commands on the server allows an malicious user to execute ar...
Xwiki Admin Tools
NA
CVE-2023-46243
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for a user to execute any content with the right of an existing document's content author, provided the user have edit right on it...
Xwiki Xwiki
NA
CVE-2023-46731
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki doesn't properly escape the section URL parameter that is used in the code for displaying administration sections. This allows any user with read access to the docu...
Xwiki Xwiki
NA
CVE-2023-46732
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to reflected cross-site scripting (RXSS) via the `rev` parameter that is used in the content of the content menu without escaping. If an attacker can convi...
Xwiki Xwiki
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »