Filtered by vendor Hummerrisk
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-63721 | 1 Hummerrisk | 1 Hummerrisk | 2025-12-11 | N/A | 8.8 HIGH |
| HummerRisk thru v1.5.0 is using a vulnerable Snakeyaml component, allowing attackers with normal user privileges to hit the /rule/add API and thereby achieve RCE and take over the server. | |||||
| CVE-2023-43449 | 1 Hummerrisk | 1 Hummerrisk | 2025-06-03 | N/A | 8.8 HIGH |
| An issue in HummerRisk HummerRisk v.1.10 thru 1.4.1 allows an authenticated attacker to execute arbitrary code via a crafted request to the service/LicenseService component. | |||||