Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ...Result(s) : 154409

Alerts Feed Alerts

DateNameCategoriesDetail
N/A2019-10-16CVE-2019-10445cve A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed attackers with Overall/Read permission to obtain limited information about the sc...
N/A2019-10-16CVE-2019-10444cve Jenkins Bumblebee HP ALM Plugin 4.1.3 and earlier unconditionally disabled SSL/TLS and hostname verification for connections to HP ALM.
N/A2019-10-16CVE-2019-10443cve Jenkins iceScrum Plugin 1.1.4 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read per...
N/A2019-10-16CVE-2019-10442cve A missing permission check in Jenkins iceScrum Plugin 1.1.5 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-spe...
N/A2019-10-16CVE-2019-10441cve A cross-site request forgery vulnerability in Jenkins iceScrum Plugin 1.1.5 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified creden...
N/A2019-10-16CVE-2019-10440cve Jenkins NeoLoad Plugin 2.2.5 and earlier stored credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they could be vi...
N/A2019-10-16CVE-2019-10439cve A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier in various 'doFillCredentialsIdItems' methods allowed users with Overall/Re...
N/A2019-10-16CVE-2019-10438cve A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified UR...
N/A2019-10-16CVE-2019-10437cve A cross-site request forgery vulnerability in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier allowed attackers to connect to an attacker-specified URL using attac...
N/A2019-10-16CVE-2019-10436cve An arbitrary file read vulnerability in Jenkins Google OAuth Credentials Plugin 0.9 and earlier allowed attackers able to configure jobs and credentials in Jenkins to obtain the...
6.82019-10-16USN-4156-2Ubuntu SDL vulnerabilities
N/A2019-10-16CVE-2019-4031cve IBM Workload Scheduler Distributed 9.2, 9.3, 9.4, and 9.5 contains a vulnerability that could allow a local user to write files as root in the file system, which could allow the...
N/A2019-10-16CVE-2019-17627cve The Yale Bluetooth Key application for mobile devices allows unauthorized unlock actions by sniffing Bluetooth Low Energy (BLE) traffic during one authorized unlock action, and ...
N/A2019-10-16CVE-2019-17626cve ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '
N/A2019-10-16CVE-2019-17625cve There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitizat...
N/A2019-10-16CVE-2019-17624cve In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of se...
N/A2019-10-16CVE-2016-11016cve NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS.
N/A2019-10-16CVE-2016-11015cve NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.
N/A2019-10-16CVE-2016-11014cve NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case.
52019-10-16DSA-4544Debian unbound security update
Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ...Result(s) : 154409