Filter
Software
Fit2cloud CloudexplorerUsers can add themselves to any organization in CloudExplorer Lite
7.1
First published (updated )
Fit2cloud CloudexplorerThe CloudExplorer Lite missing permissions check
7.1
First published (updated )
Fit2cloud JumpserverJumpServer Direct Object Reference (IDOR) Vulnerability in File Manager Bulk Transfer Functionality
5.3
EPSS
0.04%
First published (updated )
Fit2cloud JumpserverJumpServer's insecure Ansible playbook validation leads to RCE in Celery
10
EPSS
0.04%
First published (updated )
Fit2cloud JumpserverJumpServer vulnerable to Jinja2 template injection in Ansible leads to RCE in Celery
10
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fit2cloud JumpserverJumpServer allows nn authorized attacker to get sensitive information in playbook files when playbook_id is leaked
5.3
EPSS
0.04%
First published (updated )
Fit2cloud JumpserverJumpServer Open Redirect Vulnerability
6.1
EPSS
0.06%
First published (updated )
Fit2cloud Cloudexplorer LiteWeak Password Requirements in cloudexplorer-dev/cloudexplorer-lite
8.8
First published (updated )
Fit2cloud Cloudexplorer LiteWeak passwords allowed in cloudexplorer-lite
9.8
First published (updated )
CVE-2023-46138JumpServer default admin user email leak password reset
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-46123jumpserver is vulnerable to password brute-force protection bypass via arbitrary IP values
5.3
First published (updated )
go/github.com/KubeOperator/kubepiKubePi vulnerable to session fixation attack
7.5
First published (updated )
Fit2cloud KubepiKubePi's Hardcoded Jwtsigkeys allows malicious actor to login with a forged JWT token
9.8
First published (updated )
Fit2cloud 1panel1Panel vulnerable to ommand injection when entering the container terminal
8.8
First published (updated )
Fit2cloud 1panel1Panel vulnerable to command injection when adding container repositories
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fit2cloud 1panelCommand injection in firewall ip functionality in 1Panel
8.8
First published (updated )
Fit2cloud KubepiPrivilege Escalation in kubepi
9.1
EPSS
0.05%
First published (updated )
Fit2cloud KubepiLeak password hash of any user
7.5
EPSS
0.08%
First published (updated )
Fit2cloud Cloudexplorer LiteCommand injection vulnerability in module management function in CloudExplorer Lite
9.8
First published (updated )
Fit2cloud 1panel1Panel O&M management panel has a background arbitrary file reading vulnerability
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fit2cloud 1panel1Panel Unauthorized access in Backend
6.5
First published (updated )
Fit2cloud 1panel1Panel arbitrary file write vulnerability exists in the background
9.8
First published (updated )
Fit2cloud Cloudexplorer LiteCloudExplorer Lite sensitive information leakage vulnerability
7.5
First published (updated )
Fit2cloud JumpserverJumpServer session replays download without authentication
8.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fit2cloud Cloudexplorer LiteAn issue in CloudExplorer Lite 1.3.1 allows an attacker to obtain sensitive information via the logi…
7.5
First published (updated )
Fit2cloud JumpserverRandom seed leakage in Jumpserver
8.2
First published (updated )
Fit2cloud JumpserverNon-MFA account takeover via using only SSH public key to login in jumpserver
9.1
First published (updated )
Fit2cloud JumpserverNon-MFA account takeover via brute-force attack on weak password reset code in jumpserver
8.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.