Lucene search
K

24 matches found

Cvelist
Cvelist
added 2020/01/29 3:15 p.m.28 views

CVE-2020-2101

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret...

5.6AI score0.01368EPSS
Exploits0References6
Cvelist
Cvelist
added 2020/01/29 3:15 p.m.35 views

CVE-2020-2099

Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonati...

8.3AI score0.01012EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2016/11/03 8:8 a.m.8 views

NetworkManager: Race condition allowing info leak

A race condition vulnerability was discovered in NetworkManager. Temporary files were created insecurely when saving or updating connection settings, which could allow local users to read connection secrets such as VPN passwords or WiFi keys...

6.2CVSS5.8AI score0.00264EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/01/21 12:0 a.m.68 views

RHEL 6 : java-1.8.0-openjdk (RHSA-2016:0050)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0050 advisory. - TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol SLOTH CVE-2015-7575 - OpenJDK: URL deserialization inconsistencie...

10CVSS7.8AI score0.14714EPSS
Exploits0References16
Rows per page
Query Builder