CVE-2024-47791

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and receive partial messages being sent to and from devices...

Ruijie Networks ReyeeOS 安全漏洞

Ruijie Networks ReyeeOS is a router from Ruijie Networks China. A security vulnerability exists in Ruijie Networks ReyeeOS version 2.206.x up to and including 2.320.x. An attacker can exploit this vulnerability to invalidate a legitimate user's session and launch a denial of service attack agains...

Ruijie Networks ReyeeOS 安全漏洞

Ruijie Networks ReyeeOS is a router from Ruijie Networks China. A security vulnerability exists in Ruijie Networks ReyeeOS version 2.206.x up to and including version 2.320.x. An attacker can use this vulnerability to send a malicious message. An attacker could use this vulnerability to send a...

Ruijie Networks ReyeeOS 安全漏洞

Ruijie Networks ReyeeOS is a router from Ruijie Networks China. A security vulnerability exists in Ruijie Networks ReyeeOS version 2.206.x up to and including 2.320.x. An attacker could exploit the vulnerability to associate a device serial number with a user's phone number and partial email...

Ruijie Networks ReyeeOS 安全漏洞

Ruijie Networks ReyeeOS is a router from Ruijie Networks China. A security vulnerability exists in Ruijie Networks ReyeeOS version 2.206.x up to and including version 2.320.x, which stems from the use of a weak credential mechanism. An attacker can easily compute MQTT credentials by exploiting th...

PT-2024-9567 · Ruijie · Ruijie Reyee Os

Name of the Vulnerable Software and Affected Versions: Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x Description: The issue is related to insufficient storage of service data in the Ruijie Reyee OS, which could allow a remote attacker to correlate a device's serial number with...

CVE-2022-34170

In Jenkins 2.320 through 2.355 both inclusive and LTS 2.332.1 through LTS 2.332.3 both inclusive the help icon does not escape the feature name that is part of its tooltip, effectively undoing the fix for SECURITY-1955, resulting in a cross-site scripting XSS vulnerability exploitable by attacker...

Jenkins Cross-Site Scripting Vulnerability (CNVD-2022-65923)

Jenkins is a Jenkins open source application. Jenkins, an open source automation server, provides hundreds of plugins to support building, deploying, and automating any project.A cross-site scripting vulnerability exists in Jenkins versions 2.320 through 2.355, which stems from a symbol-based ico...

Jenkins 2.320 < 2.356, 2.332.1 LTS < 2.332.4 LTS XSS Vulnerability (SECURITY-2779) - Windows

Jenkins is prone to a cross-site scripting XSS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

Jenkins 跨站脚本漏洞

Jenkins is a Jenkins open source application. Jenkins, an open source automation server, provides hundreds of plugins to support building, deploying, and automating any project.A cross-site scripting vulnerability exists in Jenkins versions 2.320 through 2.355, which stems from a symbol-based ico...

PT-2022-22037 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.320 through 2.355 Jenkins LTS versions 2.332.1 through 2.332.3 Description: The help icon in Jenkins does not escape the feature name that is part of its tooltip, resulting in a cross-site scripting XSS vulnerability. This...