
The host is installed with Zoom Client 5.10.6 before 5.12.0 and is prone to a security misconfiguration vulnerability. A flaw is present in the application, which fails to properly handle issues in a local debugging port. Successful exploitation allows attackers to use the debugging port to connect to and control the Zoom Apps running in the Zoom client.

The host is installed with vm2 before 3.9.11 and is prone to a sandbox escape vulnerability. A flaw is present in the application, which fails to properly handle an issue in sandbox protections. Successful exploitation could allow attackers to cause remote code execution.

The host is installed with Jenkins LTS through 2.319.1 or Jenkins rolling through 2.329 and is prone to a cross-site request forgery (CSRF) vulnerability. A flaw is present in the application, which fails to handle POST requests for the HTTP endpoint. Successful exploitation could allow attackers to trigger a build of a job without parameters when no security realm is set.

The host is installed with Jenkins LTS through 2.319.1 or Jenkins rolling through 2.329 and is prone to a cross-site request forgery (CSRF) vulnerability. A flaw is present in the application, which fails to handle POST requests for the HTTP endpoint. Successful exploitation could allow attackers to trigger a build of a job without parameters when no security realm is set.

The host is installed with Jenkins LTS through 2.303.2 or Jenkins rolling release through 2.318 and is prone to an access control vulnerability. A flaw is present in the application, which fails to handle an agent-to-controller access control issue. Successful exploitation could allow attackers to read and write the contents of any build directory stored in Jenkins with very few restrictions throu ...

The host is installed with Jenkins LTS through 2.303.2 or Jenkins rolling release through 2.318 and is prone to an access control vulnerability. A flaw is present in the application, which fails to handle an agent-to-controller access control issue. Successful exploitation could allow attackers to read and write the contents of any build directory stored in Jenkins with very few restrictions throu ...

The host is installed with Jenkins LTS through 2.303.2 or Jenkins rolling release through 2.318 and is prone to a protection mechanism failure vulnerability. A flaw is present in the application, which fails to handle the agent read/write access to the libs/ directory inside build directories. Successful exploitation could allow attackers in control of agent processes to replace the code of a trust ...

Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not limit agent read/write access to the libs/ directory inside build directories when using the FilePath APIs, allowing attackers in control of agent processes to replace the code of a trusted library with a modified variant. This results in unsandboxed code execution in the Jenkins controller process.

The host is installed with Jenkins LTS through 2.303.2 or Jenkins rolling release through 2.318 and is prone to a missing authorization vulnerability. A flaw is present in the application, which fails to handle an issue in FilePath#listFiles operations. Successful exploitation could allow attackers to list files outside directories that agents are allowed to access when following symbolic links.

The host is installed with Jenkins LTS through 2.303.2 or Jenkins rolling release through 2.318 and is prone to a missing authorization vulnerability. A flaw is present in the application, which fails to handle an issue in FilePath#listFiles operations. Successful exploitation could allow attackers to list files outside directories that agents are allowed to access when following symbolic links.



© SecPod Technologies