[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249966

 
 

909

 
 

195636

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15149 Download | Alert*

The host is installed with Jenkins LTS 2.277.1 through 2.375.3 or Jenkins rolling 2.270 through 2.393 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. Successful exploitation could allow attackers to provide plugins to the configured update sites and have this message shown by Jenkins instances.

The host is installed with Jenkins LTS 2.277.1 through 2.375.3 or Jenkins rolling 2.270 through 2.393 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. Successful exploitation could allow attackers to provide plugins to the configured update sites and have this message shown by Jenkins instances.

The host is installed with Jenkins LTS 2.277.1 through 2.375.3 or Jenkins rolling 2.270 through 2.393 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. Successful exploitation could allow attackers to provide plugins to the configured update sites and have this message shown by Jenkins instances.

pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string p ...

A flaw was found in the PostgreSQL JDBC Driver. A SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code that has a vulnerable SQL that negates a parameter value.

pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string p ...

A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key.

A use-after-free flaw was found in the Linux kernel's Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 ("ovl: fix use after free in struct ovl_aio_req") not applied yet, the kernel could be affected.

A use-after-free flaw was found in the Linux kernel's Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 ("ovl: fix use after free in struct ovl_aio_req") not applied yet, the kernel could be affected.

A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack re ...


Pages:      Start    12    13    14    15    16    17    18    19    20    21    22    23    24    25    ..   1514

© SecPod Technologies