Lucene search
K

97 matches found

OSV
OSV
added 2024/03/06 6:30 p.m.23 views

GHSA-XJ36-6XC6-8P9X Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

4.8CVSS5.5AI score0.00417EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/03/06 6:30 p.m.20 views

Jenkins Delphix Plugin has improper SSL/TLS certificate validation

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...

4.2CVSS6.8AI score0.00337EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2024/03/06 6:30 p.m.43 views

Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

5.3CVSS6.8AI score0.00417EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/03/06 6:30 p.m.12 views

GHSA-PFH3-J79R-VQRJ Jenkins Delphix Plugin has improper SSL/TLS certificate validation

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...

4.2CVSS4.5AI score0.00337EPSS
Exploits0References5
NVD
NVD
added 2024/03/06 5:15 p.m.34 views

CVE-2024-28162

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...

4.2CVSS5.7AI score0.00337EPSS
Exploits0References2
NVD
NVD
added 2024/03/06 5:15 p.m.46 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

5.3CVSS5.7AI score0.00417EPSS
Exploits0References2
Prion
Prion
added 2024/03/06 5:15 p.m.31 views

Input validation

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...

6.6AI score0.00337EPSS
Exploits0References1
Prion
Prion
added 2024/03/06 5:15 p.m.35 views

Default credentials

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

6.6AI score0.00417EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/06 5:2 p.m.39 views

CVE-2024-28162

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...

6.6AI score0.00337EPSS
Exploits0References2
CVE
CVE
added 2024/03/06 5:2 p.m.88 views

CVE-2024-28161

CVE-2024-28161 (Jenkins Delphix Plugin 3.0.1) : The issue is a misconfiguration where a global option to enable/disable SSL/TLS certificate validation for Data Control Tower (DCT) connections is disabled by default. This creates a potential for connections to proceed without proper certificate va...

5.3CVSS6.5AI score0.00417EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/03/06 5:2 p.m.34 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

6.6AI score0.00417EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.4 views

SUSE CVE-2011-0713

Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file...

6.8CVSS8.2AI score0.0348EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.5 views

SUSE CVE-2018-11033

The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted JPEG data...

7.8CVSS8.1AI score0.01276EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.5 views

SUSE CVE-2022-24106

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...

7.8CVSS6.9AI score0.00292EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.5 views

SUSE CVE-2022-38228

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc...

7.8CVSS7.6AI score0.00324EPSS
Exploits1References3
OSV
OSV
added 2022/09/23 6:15 p.m.15 views

UBUNTU-CVE-2022-35094

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSymDCTHuffTable at /xpdf/Stream.cc...

5.5CVSS5.8AI score0.00397EPSS
Exploits1References4
NVD
NVD
added 2022/08/30 4:15 a.m.19 views

CVE-2022-24106

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...

7.8CVSS0.00292EPSS
Exploits0References2
OSV
OSV
added 2022/08/30 4:15 a.m.21 views

CVE-2022-24106

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...

7.8CVSS7.5AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/08/30 4:15 a.m.38 views

CVE-2022-24106

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...

7.8CVSS7AI score0.00292EPSS
Exploits0References6
OSV
OSV
added 2022/08/30 4:15 a.m.3 views

UBUNTU-CVE-2022-24106

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...

7.8CVSS5.7AI score0.00292EPSS
Exploits0References7
Rows per page
Query Builder