| Page(s) : 1 [2] 3 4 5 6 7 8 9 10 11 12 ... | Result(s) : 130797 |
Alerts
| Date | Name | Categories | Detail | |
|---|---|---|---|---|
| N/A | 2019-10-16 | CVE-2019-10448 | cve | Jenkins Extensive Testing Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or... |
| N/A | 2019-10-16 | CVE-2019-10447 | cve | Jenkins Sofy.AI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to... |
| N/A | 2019-10-16 | CVE-2019-10446 | cve | Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM. |
| N/A | 2019-10-16 | CVE-2019-10445 | cve | A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed attackers with Overall/Read permission to obtain limited information about the sc... |
| N/A | 2019-10-16 | CVE-2019-10444 | cve | Jenkins Bumblebee HP ALM Plugin 4.1.3 and earlier unconditionally disabled SSL/TLS and hostname verification for connections to HP ALM. |
| N/A | 2019-10-16 | CVE-2019-10443 | cve | Jenkins iceScrum Plugin 1.1.4 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read per... |
| N/A | 2019-10-16 | CVE-2019-10442 | cve | A missing permission check in Jenkins iceScrum Plugin 1.1.5 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-spe... |
| N/A | 2019-10-16 | CVE-2019-10441 | cve | A cross-site request forgery vulnerability in Jenkins iceScrum Plugin 1.1.5 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified creden... |
| N/A | 2019-10-16 | CVE-2019-10440 | cve | Jenkins NeoLoad Plugin 2.2.5 and earlier stored credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they could be vi... |
| N/A | 2019-10-16 | CVE-2019-10439 | cve | A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier in various 'doFillCredentialsIdItems' methods allowed users with Overall/Re... |
| N/A | 2019-10-16 | CVE-2019-10438 | cve | A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified UR... |
| N/A | 2019-10-16 | CVE-2019-10437 | cve | A cross-site request forgery vulnerability in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier allowed attackers to connect to an attacker-specified URL using attac... |
| N/A | 2019-10-16 | CVE-2019-10436 | cve | An arbitrary file read vulnerability in Jenkins Google OAuth Credentials Plugin 0.9 and earlier allowed attackers able to configure jobs and credentials in Jenkins to obtain the... |
| N/A | 2019-10-16 | CVE-2019-4031 | cve | IBM Workload Scheduler Distributed 9.2, 9.3, 9.4, and 9.5 contains a vulnerability that could allow a local user to write files as root in the file system, which could allow the... |
| N/A | 2019-10-16 | CVE-2019-17627 | cve | The Yale Bluetooth Key application for mobile devices allows unauthorized unlock actions by sniffing Bluetooth Low Energy (BLE) traffic during one authorized unlock action, and ... |
| N/A | 2019-10-16 | CVE-2019-17626 | cve | ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with ' |
| N/A | 2019-10-16 | CVE-2019-17625 | cve | There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitizat... |
| N/A | 2019-10-16 | CVE-2019-17624 | cve | In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of se... |
| N/A | 2019-10-16 | CVE-2016-11016 | cve | NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS. |
| N/A | 2019-10-16 | CVE-2016-11015 | cve | NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter. |
| Page(s) : 1 [2] 3 4 5 6 7 8 9 10 11 12 ... | Result(s) : 130797 |
