lundi 6 juillet 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Zephyr for JIRA Test Management Plugin up to 1.5 on Jenkins Permission Check privilege escalation

A vulnerability was found in Zephyr for JIRA Test Management Plugin up to 1.5 on Jenkins and classified as critical. Affected by this issue is an unknown part of the component Permission Check. There is no information about possible...
Auteur: VulDB

Zephyr for JIRA Test Management Plugin up to 1.5 on Jenkins cross site request forgery

A vulnerability has been found in Zephyr for JIRA Test Management Plugin up to 1.5 on Jenkins and classified as problematic. Affected by this vulnerability is some unknown functionality. There is no information about possible countermeasures...
Auteur: VulDB

ZAP Pipeline Plugin up to 1.9 on Jenkins CSP privilege escalation

A vulnerability, which was classified as critical, was found in ZAP Pipeline Plugin up to 1.9 on Jenkins. Affected is an unknown functionality of the component CSP Handler. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

White Source Plugin up to 19.1.1 on Jenkins Global Configuration config.xml weak encryption

A vulnerability, which was classified as problematic, has been found in White Source Plugin up to 19.1.1 on Jenkins. This issue affects an unknown function of the file config.xml of the component Global Configuration. There is no information...
Auteur: VulDB

GitHub Coverage Reporter Plugin up to 1.8 on Jenkins Global Configuration weak encryption

A vulnerability classified as problematic was found in GitHub Coverage Reporter Plugin up to 1.8 on Jenkins (Bug Tracking Software). This vulnerability affects some unknown processing of the component Global Configuration. There is no information...
Auteur: VulDB

ElasticBox Jenkins Kubernetes CI-CD Plugin up to 1.3 on Jenkins YAML Parser Remote Code Execution

A vulnerability classified as critical has been found in ElasticBox Jenkins Kubernetes CI-CD Plugin up to 1.3 on Jenkins (Virtualization Software). This affects an unknown code block of the component YAML Parser. There is no information about...
Auteur: VulDB

Stash Branch Parameter Plugin up to 0.3.0 on Jenkins Credentials weak encryption

A vulnerability was found in Stash Branch Parameter Plugin up to 0.3.0 on Jenkins (Jenkins Plugin). It has been rated as problematic. Affected by this issue is an unknown code. There is no information about possible countermeasures known. It may...
Auteur: VulDB

Jenkins TestComplete Support Plugin up to 2.4.1 config.xml information disclosure

A vulnerability was found in Jenkins TestComplete Support Plugin up to 2.4.1 (Continuous Integration Software). It has been declared as problematic. Affected by this vulnerability is an unknown part of the file config.xml. There is no information...
Auteur: VulDB

Slack Upload Plugin up to 1.7 on Jenkins config.xml information disclosure

A vulnerability was found in Slack Upload Plugin up to 1.7 on Jenkins (Messaging Software). It has been classified as problematic. Affected is some unknown functionality of the file config.xml. There is no information about possible...
Auteur: VulDB

VncViewer Plugin up to 1.7 on Jenkins checkVncServ Parameter cross site scripting

A vulnerability was found in VncViewer Plugin up to 1.7 on Jenkins (Jenkins Plugin) and classified as problematic. This issue affects the function checkVncServ. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

VncRecorder Plugin up to 1.25 on Jenkins checkVncServ Parameter cross site scripting

A vulnerability has been found in VncRecorder Plugin up to 1.25 on Jenkins (Jenkins Plugin) and classified as problematic. This vulnerability affects the function checkVncServ. There is no information about possible countermeasures known. It may...
Auteur: VulDB

VncRecorder Plugin up to 1.25 on Jenkins Validation Endpoint checkVncServ cross site scripting

A vulnerability, which was classified as problematic, was found in VncRecorder Plugin up to 1.25 on Jenkins (Jenkins Plugin). This affects the function checkVncServ of the component Validation Endpoint. There is no information about possible...
Auteur: VulDB

Fortify on Demand Plugin up to 5.0.1 on Jenkins Demand Endpoint privilege escalation

A vulnerability, which was classified as critical, has been found in Fortify on Demand Plugin up to 5.0.1 on Jenkins (Jenkins Plugin). Affected by this issue is an unknown code block of the component Demand Endpoint. There is no information about...
Auteur: VulDB

Fortify on Demand Plugin up to 5.0.1 on Jenkins Demand Endpoint cross site request forgery

A vulnerability classified as problematic was found in Fortify on Demand Plugin up to 5.0.1 on Jenkins (Jenkins Plugin). Affected by this vulnerability is an unknown code of the component Demand Endpoint. There is no information about possible...
Auteur: VulDB

Fortify on Demand Plugin up to 6.0.0 on Jenkins Permission Check Credentials information disclosure

A vulnerability classified as problematic has been found in Fortify on Demand Plugin up to 6.0.0 on Jenkins (Jenkins Plugin). Affected is an unknown part of the component Permission Check. There is no information about possible countermeasures...
Auteur: VulDB

Sonargraph Integration Plugin up to 3.0.0 on Jenkins Stored cross site scripting

A vulnerability was found in Sonargraph Integration Plugin up to 3.0.0 on Jenkins (Jenkins Plugin). It has been rated as problematic. This issue affects some unknown functionality. There is no information about possible countermeasures known. It...
Auteur: VulDB

LibRaw up to 0.19 unpack_thumb.cpp memory corruption

A vulnerability was found in LibRaw up to 0.19. It has been declared as critical. This vulnerability affects an unknown functionality of the file decoders/unpack_thumb.cpp. Upgrading to version 0.20-RC1 eliminates this vulnerability.
Auteur: VulDB

DuckDuckGo App duckduckgo.com information disclosure [Disputed]

A vulnerability was found in DuckDuckGo App (the affected version unknown). It has been classified as problematic. This affects an unknown function of the file duckduckgo.com. There is no information about possible countermeasures known. It may...
Auteur: VulDB

QEMU 4.2.0 MemoryRegionOps denial of service

A vulnerability was found in QEMU 4.2.0 and classified as problematic. Affected by this issue is the function MemoryRegionOps. There is no information about possible countermeasures known. It may be suggested to replace the affected object with...
Auteur: VulDB

Tendermint up to 0.33.5 Signature denial of service

A vulnerability has been found in Tendermint up to 0.33.5 and classified as problematic. Affected by this vulnerability is an unknown code block of the component Signature Handler. Upgrading to version 0.33.6 eliminates this vulnerability.
Auteur: VulDB

PrestaShop up to 1.7.6.5 Reflected cross site scripting

A vulnerability, which was classified as problematic, was found in PrestaShop up to 1.7.6.5. Affected is an unknown code. Upgrading to version 1.7.6.6 eliminates this vulnerability.
Auteur: VulDB

PrestaShop up to 1.7.6.5 Dashboard privilege escalation

A vulnerability, which was classified as critical, has been found in PrestaShop up to 1.7.6.5 (E-Commerce Management Software). This issue affects an unknown part of the component Dashboard. Upgrading to version 1.7.6.6 eliminates this...
Auteur: VulDB

PrestaShop up to 1.7.6.5 index.php information disclosure

A vulnerability classified as problematic was found in PrestaShop up to 1.7.6.5 (E-Commerce Management Software). This vulnerability affects some unknown functionality of the file index.php. Upgrading to version 1.7.6.6 eliminates this...
Auteur: VulDB

PrestaShop up to 1.7.6.5 Release Archive information disclosure

A vulnerability classified as problematic has been found in PrestaShop up to 1.7.6.5 (E-Commerce Management Software). This affects an unknown functionality of the component Release Archive. Upgrading to version 1.7.6.6 eliminates this...
Auteur: VulDB

PrestaShop up to 1.7.6.5 Carrier Page/Module Manager/Module Positions privilege escalation

A vulnerability was found in PrestaShop up to 1.7.6.5 (E-Commerce Management Software). It has been rated as critical. Affected by this issue is an unknown function of the component Carrier Page/Module Manager/Module Positions. Upgrading to...
Auteur: VulDB
12345678910Last

Événements SSI