Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 7 8 9 10 11 12 13 14 15 16 [17] 18 19 20 21 22 23 24 25 26 27 ...Result(s) : 125633

Alerts Feed Alerts

DateNameCategoriesDetail
6.82019-07-11CVE-2019-12363cve An CSRF issue was discovered in the JN-Jones MyBB-2FA plugin through 2014-11-05 for MyBB. An attacker can forge a request to an installed mybb2fa plugin to control its state via...
42019-07-11CVE-2019-10351cve Jenkins Caliper CI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access...
42019-07-11CVE-2019-10350cve Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or ac...
3.52019-07-11CVE-2019-10349cve A stored cross site scripting vulnerability in Jenkins Dependency Graph Viewer Plugin 0.13 and earlier allowed attackers able to configure jobs in Jenkins to inject arbitrary HT...
42019-07-11CVE-2019-10348cve Jenkins Gogs Plugin stored credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to th...
42019-07-11CVE-2019-10347cve Jenkins Mashup Portlets Plugin stored credentials unencrypted on the Jenkins master where they can be viewed by users with access to the master file system.
4.32019-07-11CVE-2019-10346cve A reflected cross site scripting vulnerability in Jenkins Embeddable Build Status Plugin 2.0.1 and earlier allowed attackers inject arbitrary HTML and JavaScript into the respon...
42019-07-11CVE-2019-10342cve A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in various 'fillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate c...
42019-07-11CVE-2019-10341cve A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attack...
6.82019-07-11CVE-2019-10340cve A cross-site request forgery vulnerability in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to conn...
N/A2019-07-11CVE-2018-11744cve Cloudera Manager through 5.15 has Incorrect Access Control.
4.32019-07-11CVE-2019-13505cve The Appointment Hour Booking plugin 1.1.44 for WordPress allows XSS via the E-mail field, as demonstrated by email_1.
7.52019-07-11CVE-2019-12838cve SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.
3.52019-07-11CVE-2019-1010003cve Leanote prior to version 2.6 is affected by: Cross Site Scripting (XSS).
4.32019-07-10CVE-2019-13504cve There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.
52019-07-10CVE-2019-13503cve mq_parse_http in mongoose.c in Mongoose 6.15 has a heap-based buffer over-read.
92019-07-10CVE-2019-5446cve Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as root.
42019-07-10CVE-2019-5445cve DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted commands.
52019-07-10CVE-2019-5444cve Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder.
7.52019-07-10CVE-2019-13489cve Trape through 2019-05-08 has SQL injection via the data[2] variable in core/db.py, as demonstrated by the /bs t parameter.
Page(s) : 1 ... 7 8 9 10 11 12 13 14 15 16 [17] 18 19 20 21 22 23 24 25 26 27 ...Result(s) : 125633