CVE-2023-37963

CVE-2023-37963 – Jenkins Benchmark Evaluator Plugin : A missing permission check in the Benchmark Evaluator Plugin (versions 1.0.1 and earlier) allows attackers with Overall/Read to connect to an attacker-specified URL and to check for the existence of directories, ".csv", and ".ycsb" files on th...

CVE-2023-37962

CVE-2023-37962 concerns Jenkins Benchmark Evaluator Plugin versions 1.0.1 and earlier. A CSRF flaw arises because a form-validation method lacks a permission check and does not require POST, enabling attackers with Overall/Read permission to trigger connections to attacker-specified URLs and to p...

CVE-2023-37962

A cross-site request forgery CSRF vulnerability in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers to connect to an attacker-specified URL and to check for the existence of directories, .csv, and .ycsb files on the Jenkins controller file system...

CVE-2023-37962

A cross-site request forgery CSRF vulnerability in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers to connect to an attacker-specified URL and to check for the existence of directories, .csv, and .ycsb files on the Jenkins controller file system...

Jenkins Plugin Benchmark Evaluator 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

Jenkins Plugin Benchmark Evaluator 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

PT-2023-26211 · Jenkins · Jenkins Benchmark Evaluator Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Benchmark Evaluator Plugin versions 1.0.1 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to an attacker-specified URL and to check for the existence of directories, .csv, and .ycsb...

CVE-2023-32114

SAP NetWeaver Change and Transport System - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact ...

CVE-2023-32114

SAP NetWeaver Change and Transport System - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact ...

Design/Logic Flaw

SAP NetWeaver Change and Transport System - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact ...

CVE-2023-32114

CVE-2023-32114 affects SAP NetWeaver Change and Transport System (CTS) for versions 702–757. An authenticated user with admin privileges can repeatedly run a benchmark program, causing resource exhaustion and a denial of service with limited impact on availability; confidentiality and integrity a...

PT-2023-3748 · Sap · Sap Netweaver

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Change and Transport System versions 702 through 757 Description: The issue is related to a lack of resource control mechanism in the Change and Transport System component of SAP NetWeaver. This allows an authenticated user with...

auditpolCIS - CIS Benchmark Testing Of Windows SIEM Configuration

CIS Benchmark testing of Windows SIEM configuration This is an application for testing the configuration of Windows Audit Policy settings against the CIS Benchmark recommended settings. A few points: The tested system was Windows Server 2019, and the benchmark used was also Windows Server 2019. T...

Center for Internet Security (CIS) unveils Azure Foundations Benchmark v2.0.0

The Center for Internet Security CIS recently unveiled the latest version of their Azure Foundations Benchmark—Version 2.0.0. This is the first major release since the benchmark was originally released more than 4 years ago, which could lead you to believe that this update would come with a bunch...

New InsightCloudSec Compliance Pack: Key Takeaways From the Azure Security Benchmark V3

Implementing the proper security policies and controls to keep cloud environments, and the applications and sensitive data they host secure, is a daunting task for anyone. It’s even more of a challenge for folks that are just getting started on their journey to the cloud, and for teams that lack...

SUSE CVE-2017-18210

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked...

Year in Review: Rapid7 Vulnerability Management

2022 began on a solemn note — many organizations across the globe were recovering from the Log4Shell zero-day vulnerability. For the InsightVM and Nexpose team, 2022 began with a lot of introspection on how we can add more value and keep meeting our customer needs in the best possible ways. This...

Fedora: Security Advisory for kdiskmark (FEDORA-2022-97149edce1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: kdiskmark-3.1.0-1.fc36

KDiskMark is an HDD and SSD benchmark tool with a very friendly graphical user interface. KDiskMark with its presets and powerful GUI calls Flexible I/O Tester and handles the output to provide an easy to view and interpret comprehensive benchmark result...

[SECURITY] Fedora 36 Update: golang-x-perf-0-0.16.20210123gitbdcc622.fc36

This package holds the source for various tools related to performance measurement, storage, and analysis. - cmd/benchstat contains a command-line tool that computes and 7 compares statistics about benchmarks. - cmd/benchsave contains a command-line tool for publishing benchmark results. - storag...