
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attacker to take control of the XMPP connection and to obtain user credentials and all communication c ...

The host is installed with Jenkins rolling release 2.335 through 2.355 and is prone to an incorrect authorization vulnerability. A flaw is present in the application, which fails to handle an unauthorized view fragment access issue. Successful exploitation could allow attackers to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information.

The host is installed with Jenkins LTS through 2.332.3 or Jenkins rolling release through 2.355 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to handle an observable timing discrepancy on the login form issue. Successful exploitation could allow attackers to distinguish between login attempts with an invalid username, and login attempts wit ...

The host is installed with Jenkins rolling release 2.340 through 2.355 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to handle an issue in the tooltip of the build button. Successful exploitation could allow attackers with Job/Configure permission to support HTML without escaping the job display name, resulting in a cross-site scripting (XS ...

The host is installed with Jenkins rolling release 2.340 through 2.355 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to handle an issue in the symbol-based icons. Successful exploitation could allow attackers to unescape previously escaped values of 'tooltip' parameters, resulting in a cross-site scripting (XSS) vulnerability.

The host is installed with Jenkins LTS 2.332.1 through 2.332.3 or Jenkins rolling release 2.321 through 2.355 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to handle an issue in the help icon as it does not escape the feature name that is part of its tooltip. Successful exploitation could allow attackers with Job/Configure permission to exp ...



© SecPod Technologies