
The host is installed with VideoLAN VLC media player before 3.0.8 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a crafted file. Successful exploitation could allow attackers to trigger either a crash of VLC or arbitrary code execution with the privileges of the target user.

The host is installed with OpenSSL 1.1.0 through 1.1.0j or through 1.1.1b or Oracle VM VirtualBox 5.2.x before 5.2.32 or 6.0.10 and is prone to an information disclosure vulnerability. A flaw is present in the way the ChaCha20-Poly1305 cipher uses reused nonce values. On successful exploitation, an attacker could cause serious confidentiality and integrity attacks on messages encrypted using a reu ...

The host is installed with Jenkins LTS before 2.89.4 or Jenkins rolling release before 2.107 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle an issue in input validation. Successful exploitation could allow attackers with Overall/Read permission to download files from the Jenkins master they should not have access to.

The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to an improper authorization vulnerability. A flaw is present in the application, which fails to properly handle an issue in UpdateCenter.java. Successful exploitation could allow attackers to cancel a Jenkins restart scheduled through the update center.

The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in Computer.java. Successful exploitation could allow attackers with Overall/Read permission to access the connection log for any agent.

The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to an improper authentication vulnerability. A flaw is present in the application, which fails to properly handle issues in SecurityRealm.java and TokenBasedRememberMeServices2.java. Successful exploitation could allow attackers with a valid cookie to remain logged in even if that feature i ...

The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in CronTab.java. Successful exploitation could allow attackers with Overall/Read permission to have a request handling thread enter an infinite loop.

The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in BasicAuthenticationFilter.java. Successful exploitation could allow attackers to create ephemeral in-memory user records by attempting to log in using invalid credentials.

The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in XStream2.java. Successful exploitation could allow attackers to have Jenkins resolve a domain name when deserializing an instance of java.

The host is installed with Jenkins LTS through 2.121.1 or Jenkins rolling release through 2.132 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in org/kohsuke/stapler/Stapler.java. Successful exploitation could allow attackers with the ability to control the existence of some URLs in Jenkins to define JavaScript th ...



© SecPod Technologies