Lucene search
K

106 matches found

OSV
OSV
added 2023/02/15 2:15 p.m.5 views

CVE-2023-25767

A cross-site request forgery CSRF vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server...

8.8CVSS7.2AI score0.00455EPSS
Exploits0References2
NVD
NVD
added 2023/02/15 2:15 p.m.36 views

CVE-2023-25766

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS4.4AI score0.00511EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:33 a.m.30 views

SUSE CVE-2018-3827

A sensitive data disclosure flaw was found in the Elasticsearch repository-azure formerly elasticsearch-cloud-azure plugin. When the repository-azure plugin is set to log at TRACE level Azure credentials can be inadvertently logged...

8.1CVSS6.5AI score0.01014EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/02/15 12:0 a.m.11 views

CVE-2023-25766

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.5AI score0.00511EPSS
Exploits0References2
CVE
CVE
added 2023/02/15 12:0 a.m.82 views

CVE-2023-25766

CVE-2023-25766 concerns the Jenkins Azure Credentials Plugin (253.v887e0f9e898b and earlier). The root cause is a missing permission check that lets an attacker with Overall/Read access enumerate credential IDs stored in Jenkins. The vulnerability primarily enables information disclosure of crede...

4.3CVSS4.4AI score0.00511EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/15 12:0 a.m.10 views

CVE-2023-25768

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server...

6.3AI score0.00639EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/15 12:0 a.m.10 views

CVE-2023-25767

A cross-site request forgery CSRF vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server...

8.7AI score0.00455EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.6 views

Jenkins Plugin Azure Credentials 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

6.5CVSS6.5AI score0.00639EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/02/15 12:0 a.m.44 views

CVE-2023-25767

A cross-site request forgery CSRF vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server...

8.9AI score0.00455EPSS
Exploits0References2
CVE
CVE
added 2023/02/15 12:0 a.m.101 views

CVE-2023-25767

CVE-2023-25767 is a CSRF vulnerability affecting Jenkins Azure Credentials Plugin in versions up to 253.v887e0f9e898b and earlier. The Red Hat and OSV entries confirm the flaw permits an attacker to trigger actions that cause the Jenkins client to connect to an attacker-controlled web server, due...

8.8CVSS8.6AI score0.00455EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/02/15 12:0 a.m.94 views

CVE-2023-25768

CVE-2023-25768 : A missing permission check in the Jenkins Azure Credentials Plugin (253.v887e0f9e898b and earlier) allows users with Overall/Read to connect to an attacker-specified web server. Documented impact: limited to integrity impact (I) and no confidentiality/availability impact per sour...

6.5CVSS6.3AI score0.00639EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.9 views

Jenkins Plugin Azure Credentials 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

4.3CVSS5.1AI score0.00511EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/02/15 12:0 a.m.50 views

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.9 Multiple Vulnerabilities (CloudBees Security Advisory 2023-02-15)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.9. It is, therefore, affected by multiple vulnerabilities including the following: - CSRF vulnerability and missing permission checks in Synopsys Coverity Plugin allow...

9.9CVSS6.1AI score0.814EPSS
Exploits0References12
AlpineLinux
AlpineLinux
added 2023/02/15 12:0 a.m.28 views

CVE-2023-25766

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS5.4AI score0.00511EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2023/02/15 12:0 a.m.30 views

CVE-2023-25768

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server...

6.5CVSS6.7AI score0.00639EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2023/02/15 12:0 a.m.24 views

CVE-2023-25767

A cross-site request forgery CSRF vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server...

8.8CVSS8.5AI score0.00455EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/08/10 12:0 a.m.7 views

IBM Robotic Process Automation 安全漏洞

IBM Robotic Process Automation is a robotic process automation product from IBM USA. It helps you automate more business and IT processes at scale with the ease and speed of traditional RPA. IBM Robotic Process Automation version 21.0.0, version 21.0.1, and version 21.0.2 contains a security...

4.9CVSS6.7AI score0.00661EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/01/19 12:0 a.m.20 views

Elastic Elasticsearch < 6.3.0 Information Exposure Vulnerability (ESA-2018-11)

Elasticsearch is prone to an information exposure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.1CVSS8AI score0.01014EPSS
Exploits0References2
OSV
OSV
added 2020/04/08 7:15 p.m.7 views

CVE-2020-1978

TechSupport files generated on Palo Alto Networks VM Series firewalls for Microsoft Azure platform configured with high availability HA inadvertently collect Azure dashboard service account credentials. These credentials are equivalent to the credentials associated with the Contributor role in...

4.4CVSS6.1AI score0.00307EPSS
Exploits0References1
CNVD
CNVD
added 2018/09/21 12:0 a.m.26 views

Elasticsearch repository-azure information disclosure vulnerability

Elasticsearch is the Netherlands Elasticsearch company based on Lucene built a set of open source distributed RESTful search engine , it is mainly used in cloud computing , and supports the use of JSON via HTTP for data indexing . repository-azure is one of the repository plugin . An information...

8.1CVSS6.8AI score0.01014EPSS
Exploits0References1
Rows per page
Query Builder