Filter
-Infinity
0
Trending
CVE-2024-40628Arbitrary File Read in Ansible Playbooks in Jumpserver
10
First published (updated )
CVE-2024-40629Arbitrary File Write in Ansible Playbooks leads to RCE in Jumpserver
10
First published (updated )
CVE-2024-29202JumpServer vulnerable to Jinja2 template injection in Ansible leads to RCE in Celery
10
EPSS
0.04%
First published (updated )
CVE-2024-29201JumpServer's insecure Ansible playbook validation leads to RCE in Celery
10
EPSS
0.04%
First published (updated )
JumpserverNon-MFA account takeover via using only SSH public key to login in jumpserver
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jumpserverjumpserver is vulnerable to password brute-force protection bypass via arbitrary IP values
5.3
First published (updated )
JumpserverSSH public key login without private key challenge if mfa is enabled in jumpserver
9.8
First published (updated )
go/github.com/jumpserver/kokoRemote code execution on the host system via MongoDB shell in jumpserver
9.9
First published (updated )
JumpserverNon-MFA account takeover via brute-force attack on weak password reset code in jumpserver
8.2
First published (updated )
Fit2cloud KubepiKubePi's Hardcoded Jwtsigkeys allows malicious actor to login with a forged JWT token
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/KubeOperator/kubepiKubePi vulnerable to session fixation attack
7.5
First published (updated )
Fit2Cloud KubeOperatorKubeOperator is vulnerable to unauthorized access to system API
9.8
First published (updated )
Fit2cloud KubepiKubePi is vulnerable to missing authorization
7.5
First published (updated )
JumpserverJumpServer Koko vulnerable to Command Injection for Kubernetes Connection
9.9
First published (updated )
Fit2cloud Cloudexplorer LiteAuthorization Bypass Through User-Controlled Key in cloudexplorer-dev/cloudexplorer-lite
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/1Panel-dev/1Panel1Panel open source panel project has an unauthorized vulnerability.
6.3
EPSS
0.04%
First published (updated )
go/github.com/1Panel-dev/1Panel1Panel's password verification is suspected to have a timing attack vulnerability
5.9
First published (updated )
go/github.com/1Panel-dev/1PanelArbitrary file write vulnerability in 1Panel
7.5
EPSS
0.04%
First published (updated )
go/github.com/1Panel-dev/1Panel1Panel swap baseApi.UpdateDeviceSwap command injection
9.8
First published (updated )
go/github.com/1Panel-dev/1Panel1Panel set-cookie is missing the Secure keyword
7.5
EPSS
0.06%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fit2cloud Cloudexplorer LiteImproper Access Control in cloudexplorer-dev/cloudexplorer-lite
8.8
First published (updated )
Fit2cloud Cloudexplorer LiteUsers can add themselves to any organization in CloudExplorer Lite
7.1
First published (updated )
Fit2cloud Cloudexplorer LiteThe CloudExplorer Lite missing permissions check
7.1
First published (updated )
JumpserverJumpServer Direct Object Reference (IDOR) Vulnerability in File Manager Bulk Transfer Functionality
5.3
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JumpserverJumpServer allows nn authorized attacker to get sensitive information in playbook files when playbook_id is leaked
5.3
EPSS
0.04%
First published (updated )
JumpserverJumpServer Open Redirect Vulnerability
6.1
EPSS
0.06%
First published (updated )
Fit2cloud Cloudexplorer LiteWeak Password Requirements in cloudexplorer-dev/cloudexplorer-lite
8.8
First published (updated )
Fit2cloud Cloudexplorer LiteWeak passwords allowed in cloudexplorer-lite
9.8
First published (updated )
JumpserverJumpServer default admin user email leak password reset
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.