5112 matches found
The vulnerability of the Screen Capture function in the Google Chrome browser allows a hacker to gain access to confidential information.
The vulnerability of the Screen Capture function in Google Chrome browser relates to the use of memory after deallocation. Exploiting this vulnerability can allow a remote attacker to gain access to confidential information through a specially created web page...
CVE-2022-25210
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured...
CVE-2022-25210
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured...
CVE-2022-25193
Missing permission checks in Jenkins Snow Commander Plugin 1.10 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2022-25200
A cross-site request forgery CSRF vulnerability in Jenkins Checkmarx Plugin 2022.1.2 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2022-25192
A cross-site request forgery CSRF vulnerability in Jenkins Snow Commander Plugin 1.10 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2022-25201
Missing permission checks in Jenkins Checkmarx Plugin 2022.1.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
Design/Logic Flaw
Missing permission checks in Jenkins Checkmarx Plugin 2022.1.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
Design/Logic Flaw
Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier uses static fields to store job configuration information, allowing attackers with Item/Configure permission to capture passwords of the jobs that will be configured...
CVE-2022-25210
CVE-2022-25210 affects the Jenkins Convertigo Mobile Platform Plugin up to version 1.1. The vulnerability arises from using static fields to store job configuration information, enabling attackers with Item/Configure permission to capture passwords for jobs that will be configured. This is descri...
CVE-2022-25201
Missing permission checks in Jenkins Checkmarx Plugin 2022.1.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2022-25192
A cross-site request forgery CSRF vulnerability in Jenkins Snow Commander Plugin 1.10 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2022-0586
Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file...
CVE-2022-0582
Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file...
Jenkins Snow Commander Plugin 跨站请求伪造漏洞
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Snow Commander Plugin 2.0 and earlier versions contain a cross-site request forgery vulnerability that stems from a...
PT-2022-17139 · Jenkins · Jenkins Checkmarx Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Checkmarx Plugin versions 2022.1.2 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs, capturing credentials...
Jenkins 插件权限许可和访问控制问题漏洞
The Jenkins Plugin is a plug-in that provides appropriate functionality for Jenkins. Jenkins Checkmarx Plugin Access Control Error vulnerability. An attacker could use this vulnerability to connect to an attacker-specified Web server via an attacker-specified credential ID to capture credentials...
SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2022:0375-1)
The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0375-1 advisory. - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection...
openSUSE 15 Security Update : wireshark (openSUSE-SU-2022:0375-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0375-1 advisory. - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted captu...
AZL-8613 CVE-2022-0583 affecting package wireshark for versions less than 3.4.14-1
Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file...