Matches: 8683

The host is installed with Jenkins LTS through 2.303.1 or Jenkins rolling release through 2.314 and is prone to a path equivalence vulnerability. A flaw is present in the application, which fails to validate names of jobs and other entities with a trailing dot character. Successful exploitation could allow attackers to potentially replace the configuration and data of other entities on Windows.

The host is installed with Jenkins LTS through 2.289.1 or Jenkins rolling release through 2.299 and is prone to a session fixation vulnerability. A flaw is present in the application, which fails to properly handle issues with validation of sessions. Successful exploitation could allow attackers to use social engineering techniques to gain administrator access to Jenkins.

The host is installed with Jenkins LTS through 2.289.1 or Jenkins rolling release through 2.299 and is prone to an incorrect authorization vulnerability. A flaw is present in the application, which fails to properly handle issues with permission checks. Successful exploitation could allow users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when the ...

The host is installed with Jenkins LTS through 2.277.1 or Jenkins rolling release through 2.286 and is prone to a view name validation bypass vulnerability. A flaw is present in the application, which fails to properly check that a newly created view has an allowed name. Successful exploitation allows attackers with View/Create permission to create views with invalid or already-used names.

The host is installed with Jenkins LTS through 2.277.1 or Jenkins rolling release through 2.286 and is prone to an improper input validation vulnerability. A flaw is present in the application, which fails to properly handle an object type validation issue. Successful exploitation allows attackers with Computer/Configure permission to replace a node with one of a different type.

The host is installed with Jenkins LTS through 2.263.2 or Jenkins rolling release through 2.275 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to properly handle a time-of-check to time-of-use (TOCTOU) race condition issue in workspace browsers. Successful exploitation allows attackers with Job/Workspace permission and the ability to contro ...

The host is installed with Jenkins LTS through 2.263.1 or Jenkins rolling release through 2.274 and is prone to a stored XSS vulnerability. A flaw is present in the application, which fails to properly handle an issue in the New Item page. Successful exploitation allows attackers to perform stored XSS attacks.

The host is installed with Jenkins LTS through 2.263.1 or Jenkins rolling release through 2.274 and is prone to a reflected XSS vulnerability. A flaw is present in the application, which fails to properly handle an issue in the markup formatter preview. Successful exploitation allows attackers to perform reflected XSS attacks.

The host is installed with Jenkins LTS through 2.263.1 or Jenkins rolling release through 2.274 and is prone to an incorrect authorization vulnerability. A flaw is present in the application, which fails to properly handle a missing permission check for paths. Successful exploitation allows attackers without Overall/Read permission to access plugin-provided URLs with any of the following prefixes if ...

The host is installed with Jenkins LTS through 2.263.1 or Jenkins rolling release through 2.274 and is prone to a stored XSS vulnerability. A flaw is present in the application, which fails to properly handle unescaped button labels. Successful exploitation allows attackers to perform cross-site scripting attacks.



© SecPod Technologies