| Page(s) : 1 ... 25 26 27 28 29 30 31 32 33 34 [35] 36 37 38 39 40 41 42 43 44 45 ... | Result(s) : 175836 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2020-09-16 | CVE-2020-3986 | cve | VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious ... |
| N/A | 2020-09-16 | CVE-2020-3980 | cve | VMware Fusion (11.x) contains a privilege escalation vulnerability due to the way it allows configuring the system wide path. An attacker with normal user privileges may exploit... |
| N/A | 2020-09-16 | CVE-2020-25614 | cve | xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at xmlquery.(*Node).InnerT... |
| 9.8 | 2020-09-16 | CVE-2020-25412 | cve | gnuplot 5.4 is affected by a segmentation fault in com_line () at command.c, which may result in context-dependent arbitrary code execution. |
| N/A | 2020-09-16 | CVE-2020-24891 | cve | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. ... |
| 5.5 | 2020-09-16 | CVE-2020-24890 | cve | libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. |
| 7.8 | 2020-09-16 | CVE-2020-24889 | cve | A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context-dependent arbitrary code execution. |
| 6.5 | 2020-09-16 | CVE-2020-2278 | cve | Jenkins Storable Configs Plugin 1.0 and earlier does not restrict the user-specified file name, allowing attackers with Job/Configure permission to replace any other '.xml&... |
| 6.5 | 2020-09-16 | CVE-2020-2277 | cve | Jenkins Storable Configs Plugin 1.0 and earlier allows users with Job/Read permission to read arbitrary files on the Jenkins controller. |
| 8.8 | 2020-09-16 | CVE-2020-2276 | cve | Jenkins Selection tasks Plugin 1.0 and earlier executes a user-specified program on the Jenkins controller, allowing attackers with Job/Configure permission to execute an arbitr... |
| 6.5 | 2020-09-16 | CVE-2020-2275 | cve | Jenkins Copy data to workspace Plugin 1.0 and earlier does not limit which directories can be copied from the Jenkins controller to job workspaces, allowing attackers with Job/C... |
| 5.5 | 2020-09-16 | CVE-2020-2274 | cve | Jenkins ElasTest Plugin 1.2.1 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with ... |
| 4.3 | 2020-09-16 | CVE-2020-2273 | cve | A cross-site request forgery (CSRF) vulnerability in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified ... |
| 4.3 | 2020-09-16 | CVE-2020-2272 | cve | A missing permission check in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-spec... |
| 5.4 | 2020-09-16 | CVE-2020-2271 | cve | Jenkins Locked Files Report Plugin 1.6 and earlier does not escape locked files' names in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitab... |
| 5.4 | 2020-09-16 | CVE-2020-2270 | cve | Jenkins ClearCase Release Plugin 0.3 and earlier does not escape the composite baseline in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploita... |
| 5.4 | 2020-09-16 | CVE-2020-2269 | cve | Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting (XSS) vulnerability exp... |
| 8.8 | 2020-09-16 | CVE-2020-2268 | cve | A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkin... |
| 4.3 | 2020-09-16 | CVE-2020-2267 | cve | A missing permission check in Jenkins MongoDB Plugin 1.3 and earlier allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the ... |
| 5.4 | 2020-09-16 | CVE-2020-2266 | cve | Jenkins Description Column Plugin 1.3 and earlier does not escape the job description in the column tooltip, resulting in a stored cross-site scripting (XSS) vulnerability explo... |
| Page(s) : 1 ... 25 26 27 28 29 30 31 32 33 34 [35] 36 37 38 39 40 41 42 43 44 45 ... | Result(s) : 175836 |
