Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : [1] Result(s) : 13

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
6.8 2015-11-25 CVE-2014-3665 cve Jenkins before 1.587 and LTS before 1.580.1 do not properly ensure trust separation between a master and slaves, which might allow remote attackers to execute arbitrary code on ...
6 2015-11-25 CVE-2015-5242 cve OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python module when loading metadata, which allows remote authenticated users to execute ar...
6.8 2015-11-25 CVE-2015-5306 cve OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary...
5 2015-11-25 CVE-2015-5317 cve The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.
6.8 2015-11-25 CVE-2015-5318 cve Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible salt to generate CSRF protection tokens, which makes it easier for remote attackers to bypass the CSRF pro...
5 2015-11-25 CVE-2015-5319 cve XML external entity (XXE) vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafte...
5 2015-11-25 CVE-2015-5320 cve Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote attackers to connect as slaves and obtai...
5 2015-11-25 CVE-2015-5321 cve The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a dire...
5 2015-11-25 CVE-2015-5322 cve Directory traversal vulnerability in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to list directory contents and read arbitrary files in the Jenkins servl...
6.5 2015-11-25 CVE-2015-5323 cve Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which might allow remote administrators to gain privileges and run scripts by using an ...
5 2015-11-25 CVE-2015-5324 cve Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to queue/api.
4.3 2015-11-25 CVE-2015-5326 cve Cross-site scripting (XSS) vulnerability in the slave overview page in Jenkins before 1.638 and LTS before 1.625.2 allows remote authenticated users with certain permissions to ...
5 2015-11-25 CVE-2015-6382 cve Cisco ASR 5000 devices with software 16.0(900) allow remote attackers to cause a denial of service (telnetd process restart) via a TELNET connection, aka Bug ID CSCuv25815.
Page(s) : [1] Result(s) : 13