Lucene search

545 matches found

NVD
added 2019/08/07 3:15 p.m. · 31 views

CVE-2019-10385

Jenkins eggPlant Plugin 2.2 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.5 CVSS · 6.4 AI score · 0.01482 EPSS
Exploits 0 · References 3

NVD
added 2019/08/01 1:15 p.m. · 24 views

CVE-2019-14336

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated dump of all of the config files through a certain admin.cgi?action= insecure HTTP request...

5.5 CVSS · 5.6 AI score · 0.01266 EPSS
Exploits 3 · References 3

OSV
added 2019/08/01 1:15 p.m. · 2 views

CVE-2019-14336

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated dump of all of the config files through a certain admin.cgi?action= insecure HTTP request...

5.5 CVSS · 6.1 AI score · 0.01266 EPSS
Exploits 3 · References 3

Prion
added 2019/08/01 1:15 p.m. · 20 views

Cross site request forgery (csrf)

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated dump of all of the config files through a certain admin.cgi?action= insecure HTTP request...

2.1 CVSS · 5.6 AI score · 0.01266 EPSS
Exploits 3 · References 3 · Affected Software 2

Cvelist
added 2019/08/01 12:30 p.m. · 22 views

CVE-2019-14336

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated dump of all of the config files through a certain admin.cgi?action= insecure HTTP request...

5.6 AI score · 0.01266 EPSS
Exploits 3 · References 3

CVE
added 2019/08/01 12:30 p.m. · 49 views

CVE-2019-14336

CVE-2019-14336 affects D-Link 6600-AP and DWL-3600AP with firmware 4.2.0.14 Ax. The vulnerability enables post-authenticated dump of all configuration files via an insecure HTTP request to admin.cgi, leading to information disclosure. Multiple connected sources corroborate an authenticated access...

5.5 CVSS · 5.5 AI score · 0.01266 EPSS
Exploits 3 · References 3 · Affected Software 1

Positive Technologies
added 2019/07/15 12:0 a.m. · 2 views

PT-2019-4123 · Microsoft +2 · Windows +3

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 4.0.11 MongoDB Server versions prior to 3.6.14 MongoDB Server versions prior to 3.4.22 Description: The issue is related to insufficient access control in the MongoDB database management system. An unprivilege...

8.2 CVSS · 7.3 AI score · 0.01011 EPSS
Exploits 0 · References 8

NVD
added 2019/07/11 2:15 p.m. · 30 views

CVE-2019-10351

Jenkins Caliper CI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8 CVSS · 8.7 AI score · 0.01632 EPSS
Exploits 0 · References 4

NVD
added 2019/07/03 7:15 p.m. · 21 views

CVE-2019-9872

In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. If the Settings Repository plugin was then used and configured to synchronize...

8.1 CVSS · 8.1 AI score · 0.01153 EPSS
Exploits 0 · References 1

OSV
added 2019/07/03 7:15 p.m. · 5 views

CVE-2019-9872

In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. If the Settings Repository plugin was then used and configured to synchronize...

8.1 CVSS · 7.1 AI score · 0.01153 EPSS
Exploits 0 · References 1

Metasploit
added 2019/06/29 4:48 p.m. · 90 views

Xymon Daemon Gather Information

This module retrieves information from a Xymon daemon service formerly Hobbit, based on Big Brother, including server configuration information, a list of monitored hosts, and associated client log for each host. This module also retrieves usernames and password hashes from the xymonpasswd config...

7.5 CVSS · 8.8 AI score · 0.17852 EPSS
Exploits 3

RedHat Linux
added 2019/04/30 5:3 p.m. · 20 views

Low: Red Hat Security Advisory: openstack-ceilometer security update

An update for openstack-ceilometer is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.8 CVSS · 6 AI score · 0.00386 EPSS
Exploits 0 · References 2

NVD
added 2019/04/04 4:29 p.m. · 36 views

CVE-2019-10283

Jenkins mabl Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8 CVSS · 8.7 AI score · 0.01773 EPSS
Exploits 0 · References 3

Prion
added 2019/04/04 4:29 p.m. · 11 views

Design/Logic Flaw

Jenkins Fabric Beta Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

4 CVSS · 6.4 AI score · 0.01226 EPSS
Exploits 0 · References 3 · Affected Software 1

NVD
added 2019/04/04 4:29 p.m. · 9 views

CVE-2019-1003061

Jenkins jenkins-cloudformation-plugin Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8 CVSS · 8.7 AI score · 0.01423 EPSS
Exploits 0 · References 3

Prion
added 2019/04/04 4:29 p.m. · 16 views

Design/Logic Flaw

Jenkins Jira Issue Updater Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

4 CVSS · 8.6 AI score · 0.01365 EPSS
Exploits 0 · References 3

Prion
added 2019/04/04 4:29 p.m. · 10 views

Design/Logic Flaw

Jenkins Trac Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

4 CVSS · 8.6 AI score · 0.01365 EPSS
Exploits 0 · References 3

Cvelist
added 2019/04/04 3:38 p.m. · 15 views

CVE-2019-10284

Jenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.7 AI score · 0.01773 EPSS
Exploits 0 · References 3

Cvelist
added 2019/04/04 3:38 p.m. · 11 views

CVE-2019-1003067

Jenkins Trac Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.7 AI score · 0.01365 EPSS
Exploits 0 · References 3

Cvelist
added 2019/04/04 3:38 p.m. · 13 views

CVE-2019-1003054

Jenkins Jira Issue Updater Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.7 AI score · 0.01365 EPSS
Exploits 0 · References 3