securelayer7/Research

SecureLayer7 Research


About

SecureLayer7's research team focuses on identifying, analyzing, and responsibly disclosing vulnerabilities across widely-used software. This repository serves as a centralized archive of our published CVE research, proof-of-concept exploits, and lab environments.


Published Research

| # | CVE ID | Product | Type | Severity | Analysis |
|---|--------|---------|------|----------|----------|
| 1 | CVE-2023-38831 | WinRAR | RCE | Critical | Zero-Day RCE via DarkMe |
| 2 | CVE-2023-22518 | Atlassian Confluence | Auth Bypass | Critical | Authentication Bypass |
| 3 | CVE-2023-26360 | Adobe ColdFusion | RCE | Critical | Unauthenticated RCE |
| 4 | CVE-2020-9496 / CVE-2023-49070 / CVE-2023-51467 | Apache OFBiz | RCE + Auth Bypass | Critical | Multiple Vulnerabilities |
| 5 | CVE-2024-23897 | Jenkins | Arbitrary File Read | Critical | Arbitrary File Read |
| 6 | CVE-2023-39143 | PaperCut | RCE | High | Remote Code Execution |
| 7 | CVE-2024-27348 | Apache HugeGraph | RCE | Critical | Sandbox Bypass RCE |
| 8 | CVE-2024-25065 | Apache OFBiz | Path Traversal | High | Auth Bypass via Path Traversal |
| 9 | CVE-2024-38856 | Apache OFBiz | RCE | High | File Read to RCE |
| 10 | CVE-2024-22263 | Spring Cloud Data Flow | Arbitrary File Write | High | Arbitrary File Writing |
| 11 | CVE-2024-39877 | Apache Airflow | Code Execution | High | Jinja2 Template Injection |
| 12 | CVE-2024-31204 / CVE-2024-30270 | Mailcow | XSS + Path Traversal | High | XSS & Path Traversal |
| 13 | CVE-2024-54676 | Apache OpenMeetings | RCE | Critical | Deserialization RCE |

Contact

Website: securelayer7.net

Blog: blog.securelayer7.net

Twitter: @securelayer7

Disclosure: Coordinated 90-day responsible disclosure policy

All research is conducted responsibly. Vulnerabilities are reported to vendors before public disclosure.