229 matches found
HackerOne: Unauthenticated users can obtain information about Checklist objects with unclaimed ChecklistCheck objects
The Checklist objects that can be queried through GraphQL are supposed to only be accessible by program members, the users who claimed or responded to a check belonging to a checklist, and HackerOne Pentesters. The Checklist object is also supposed to be in the running state e.g. when the platfor...
jenkins: CSRF protection tokens for anonymous users did not expire in some circumstances (SECURITY-1491)
A flaw was found in Jenkins. Users are allowed to obtain CSRF tokens without an associated web session ID, resulting in CSRF tokens that did not expire and could be used to bypass CSRF protection for the anonymous user. The highest threat from this vulnerability is to data confidentiality and...
CVE-2019-11253
Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming...
Input validation
Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming...
CVE-2019-11253
Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming...
jenkins: CSRF protection tokens for anonymous users did not expire in some circumstances (SECURITY-1491)
A flaw was found in Jenkins. Users are allowed to obtain CSRF tokens without an associated web session ID, resulting in CSRF tokens that did not expire and could be used to bypass CSRF protection for the anonymous user. The highest threat from this vulnerability is to data confidentiality and...
DRUPAL-CONTRIB-2019-047
In certain configuration cases, when a learning path is configured as semi-private, anonymous users are allowed to join a learning path when they should not...
Opigno Learning path - Moderately critical - Access bypass - SA-CONTRIB-2019-047
In certain configuration cases, when a learning path is configured as semi-private, anonymous users are allowed to join a learning path when they should not...
Jenkins 2.150.2 - Remote Command Execution Exploit
Exploit for linux platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Jenkins %q This module can run commands on the system using Jenkins...
Jenkins 2.150.2 - Remote Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Jenkins %q This module can run commands on the system using Jenkins users who has JOB creation and BUILD privileges. The...
CVE-2017-6922
In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visible to the anonymous user that uploaded them, rather than all anonymous users. Drupal core did not...
CVE-2017-6922 Files uploaded by anonymous users into a private file system can be accessed by other anonymous users
In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visible to the anonymous user that uploaded them, rather than all anonymous users. Drupal core did not...
CVE-2018-16959
An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The portal component is delivered with an insecure default User Profile community configuration that allows anonymous users to retrieve the account names of all portal users via /portal/server.pt/user/user/ requests. When WCI ...
Design/Logic Flaw
An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The portal component is delivered with an insecure default User Profile community configuration that allows anonymous users to retrieve the account names of all portal users via /portal/server.pt/user/user/ requests. When WCI ...
CVE-2018-16959
An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The portal component is delivered with an insecure default User Profile community configuration that allows anonymous users to retrieve the account names of all portal users via /portal/server.pt/user/user/ requests. When WCI ...
Microsoft Windows: Network access: Let Everyone permissions apply to anonymous users
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winnapermissionsanonymoususer.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Network access: Let Everyone permissions apply to anonymous users Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks...
Microsoft Windows: Network access: Shares that can be accessed anonymously
This security setting determines which network shares can accessed by anonymous users. C Microsoft Corporation 2015. Note: This policy check will report compliance by default if the key is empty or missing. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a...
CVE-2017-2606
Jenkins before versions 2.44, 2.32.2 is vulnerable to an information exposure in the internal API that allows access to item names that should not be visible SECURITY-380. This only affects anonymous users other users legitimately have access that were able to get a list of items via an...
CVE-2017-2606
Jenkins before versions 2.44, 2.32.2 is vulnerable to an information exposure in the internal API that allows access to item names that should not be visible SECURITY-380. This only affects anonymous users other users legitimately have access that were able to get a list of items via an...
Menu Import and Export - Critical - Access bypass - SA-CONTRIB-2018-018
This module helps in exporting and importing Menu Items via the administrative interface. The module does not properly restrict access to administrative pages, allowing anonymous users to export and import menu links. There is no mitigation for this vulnerability...