Page(s) : [1] | Result(s) : 13 |
Alerts
SCORE | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
6.8 | 2015-11-25 | CVE-2014-3665 | cve | Jenkins before 1.587 and LTS before 1.580.1 do not properly ensure trust separation between a master and slaves, which might allow remote attackers to execute arbitrary code on ... |
6 | 2015-11-25 | CVE-2015-5242 | cve | OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python module when loading metadata, which allows remote authenticated users to execute ar... |
6.8 | 2015-11-25 | CVE-2015-5306 | cve | OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary... |
5 | 2015-11-25 | CVE-2015-5317 | cve | The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request. |
6.8 | 2015-11-25 | CVE-2015-5318 | cve | Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible salt to generate CSRF protection tokens, which makes it easier for remote attackers to bypass the CSRF pro... |
5 | 2015-11-25 | CVE-2015-5319 | cve | XML external entity (XXE) vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafte... |
5 | 2015-11-25 | CVE-2015-5320 | cve | Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote attackers to connect as slaves and obtai... |
5 | 2015-11-25 | CVE-2015-5321 | cve | The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a dire... |
5 | 2015-11-25 | CVE-2015-5322 | cve | Directory traversal vulnerability in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to list directory contents and read arbitrary files in the Jenkins servl... |
6.5 | 2015-11-25 | CVE-2015-5323 | cve | Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which might allow remote administrators to gain privileges and run scripts by using an ... |
5 | 2015-11-25 | CVE-2015-5324 | cve | Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to queue/api. |
4.3 | 2015-11-25 | CVE-2015-5326 | cve | Cross-site scripting (XSS) vulnerability in the slave overview page in Jenkins before 1.638 and LTS before 1.625.2 allows remote authenticated users with certain permissions to ... |
5 | 2015-11-25 | CVE-2015-6382 | cve | Cisco ASR 5000 devices with software 16.0(900) allow remote attackers to cause a denial of service (telnetd process restart) via a TELNET connection, aka Bug ID CSCuv25815. |