samedi 30 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Git Changelog Plugin up to 2.6 on Jenkins summary.jelly cross site scripting

A vulnerability has been found in Git Changelog Plugin up to 2.6 on Jenkins and classified as problematic. Affected by this vulnerability is a functionality of the file GitChangelogSummaryDecorator/summary.jelly. The manipulation with an unknown...
Auteur: VulDB

SonarQube Scanner Plugin up to 2.8 on Jenkins SonarInstallation.java information disclosure

A vulnerability, which was classified as problematic, was found in SonarQube Scanner Plugin up to 2.8 on Jenkins. Affected is a function of the file SonarInstallation.java. The manipulation with an unknown input leads to a information disclosure...
Auteur: VulDB

Artifactory Plugin up to 2.16.1 on Jenkins ArtifactoryBuilder.java information disclosure

A vulnerability, which was classified as problematic, has been found in Artifactory Plugin up to 2.16.1 on Jenkins. This issue affects some functionality of the file ArtifactoryBuilder.java. The manipulation with an unknown input leads to a...
Auteur: VulDB

Crowd 2 Integration Plugin up to 2.0.0 on Jenkins CrowdSecurityRealm.java information disclosure

A vulnerability classified as problematic was found in Crowd 2 Integration Plugin up to 2.0.0 on Jenkins. This vulnerability affects the functionality of the file CrowdSecurityRealm.java. The manipulation with an unknown input leads to a...
Auteur: VulDB

Crowd 2 Intergration Plugin up to 2.0.0 on Jenkins Authorization CrowdSecurityRealm.java privilege escalation

A vulnerability classified as critical has been found in Crowd 2 Intergration Plugin up to 2.0.0 on Jenkins. This affects an unknown function of the file CrowdSecurityRealm.java of the component Authorization. The manipulation with an unknown...
Auteur: VulDB

Mesos Plugin up to 0.17.1 on Jenkins Authorization MesosCloud.java privilege escalation

A vulnerability was found in Mesos Plugin up to 0.17.1 on Jenkins. It has been rated as critical. Affected by this issue is some processing of the file MesosCloud.java of the component Authorization. The manipulation with an unknown input leads...
Auteur: VulDB

Mesos Plugin up to 0.17.1 on Jenkins Authorization MesosCloud.java privilege escalation

A vulnerability was found in Mesos Plugin up to 0.17.1 on Jenkins. It has been declared as critical. Affected by this vulnerability is a code block of the file MesosCloud.java of the component Authorization. The manipulation with an unknown...
Auteur: VulDB

Hipchat Plugin up to 2.2.0 on Jenkins Authorization HipChatNotifier.java privilege escalation

A vulnerability was found in Hipchat Plugin up to 2.2.0 on Jenkins. It has been classified as critical. Affected is code of the file HipChatNotifier.java of the component Authorization. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Hipchat Plugin up to 2.2.0 on Jenkins Authorization HipChatNotifier.java Notification privilege escalation

A vulnerability was found in Hipchat Plugin up to 2.2.0 on Jenkins and classified as critical. This issue affects a part of the file HipChatNotifier.java of the component Authorization. The manipulation as part of a Notification leads to a...
Auteur: VulDB

Email Extension Template Plugin up to 1.0 on Jenkins ExtEmailTemplateManagement.java cross site request forgery

A vulnerability has been found in Email Extension Template Plugin up to 1.0 on Jenkins and classified as problematic. This vulnerability affects a functionality of the file ExtEmailTemplateManagement.java. The manipulation with an unknown input...
Auteur: VulDB

Job Config History Plugin up to 2.18 on Jenkins Reflected cross site scripting

A vulnerability, which was classified as problematic, was found in Job Config History Plugin up to 2.18 on Jenkins. This affects a function. The manipulation with an unknown input leads to a cross site scripting vulnerability (Reflected). CWE is...
Auteur: VulDB

Rebuilder Plugin up to 1.28 on Jenkins BooleanParameterValue.jelly cross site scripting

A vulnerability, which was classified as problematic, has been found in Rebuilder Plugin up to 1.28 on Jenkins. Affected by this issue is some functionality of the file RebuildAction/BooleanParameterValue.jelly. The manipulation with an unknown...
Auteur: VulDB

Config File Provider Plugin up to 3.1 on Jenkins ConfigFilesManagement.java cross site request forgery

A vulnerability classified as problematic was found in Config File Provider Plugin up to 3.1 on Jenkins. Affected by this vulnerability is the functionality of the file ConfigFilesManagement.java. The manipulation with an unknown input leads to...
Auteur: VulDB

Config File Provider Plugin up to 3.1 on Jenkins cross site scripting

A vulnerability classified as problematic has been found in Config File Provider Plugin up to 3.1 on Jenkins. Affected is an unknown function. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is...
Auteur: VulDB

Jira Plugin up to 3.0.1 on Jenkins Authorization JiraSite.java privilege escalation

A vulnerability was found in Jira Plugin up to 3.0.1 on Jenkins. It has been rated as critical. This issue affects some processing of the file JiraSite.java of the component Authorization. The manipulation with an unknown input leads to a...
Auteur: VulDB

JUnit Plugin up to 1.25 on Jenkins TestObject.java description cross site request forgery

A vulnerability was found in JUnit Plugin up to 1.25 on Jenkins. It has been declared as problematic. This vulnerability affects a code block of the file TestObject.java. The manipulation of the argument description with an unknown input leads...
Auteur: VulDB

Jenkins RequestImpl.java information disclosure

A vulnerability was found in Jenkins (the affected version unknown). It has been classified as problematic. This affects code of the file core/src/main/java/org/kohsuke/stapler/RequestImpl.java. The manipulation with an unknown input leads to a...
Auteur: VulDB

Jenkins HudsonPrivateSecurityRealm.java weak authentication

A vulnerability was found in Jenkins (affected version not known) and classified as critical. Affected by this issue is a part of the file core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java. The manipulation with an unknown input...
Auteur: VulDB

Jenkins HudsonPrivateSecurityRealm.java denial of service

A vulnerability has been found in Jenkins (affected version unknown) and classified as problematic. Affected by this vulnerability is a functionality of the file core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java. The manipulation...
Auteur: VulDB

Jenkins Api.java cross site scripting

A vulnerability, which was classified as problematic, was found in Jenkins (version unknown). Affected is a function of the file core/src/main/java/hudson/model/Api.java. The manipulation with an unknown input leads to a cross site scripting...
Auteur: VulDB

Jenkins FileParameterValue.java file directory traversal

A vulnerability, which was classified as critical, has been found in Jenkins (unknown version). This issue affects some functionality of the file core/src/main/java/hudson/model/FileParameterValue.java. The manipulation of the argument file with...
Auteur: VulDB

Cybozu Remote Service up to 3.1.0 Upload Java privilege escalation

A vulnerability classified as critical has been found in Cybozu Remote Service up to 3.1.0. Affected is an unknown function of the component Upload. The manipulation with an unknown input leads to a privilege escalation vulnerability (Java). CWE...
Auteur: VulDB

LogonTracer up to 1.2.0 Code Injection privilege escalation

A vulnerability was found in LogonTracer up to 1.2.0. It has been rated as critical. This issue affects some processing. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Injection). Using CWE to declare...
Auteur: VulDB

LogonTracer up to 1.2.0 OS Command Injection privilege escalation

A vulnerability was found in LogonTracer up to 1.2.0. It has been declared as critical. This vulnerability affects a code block. The manipulation with an unknown input leads to a privilege escalation vulnerability (OS Command Injection). The CWE...
Auteur: VulDB

LogonTracer up to 1.2.0 XML Data XML External Entity

A vulnerability was found in LogonTracer up to 1.2.0. It has been classified as critical. This affects code of the component XML Data Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability (XXE). CWE is...
Auteur: VulDB
First1003100410051006100710081009101010111012Last

Événements SSI