Lucene search
K

386 matches found

OSV
OSV
added 2022/06/20 7:27 a.m.4 views

MAL-2022-2351 Malicious code in datadog-datadog_agent (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6bab8731934c04ee67305ba08b6f14d770597c44c819b3c369f96e2af3a04d08 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/06/20 7:27 a.m.9 views

MAL-2022-2345 Malicious code in datadog-app-example-random-dog-dog-image-widget (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b50dcc4d3984665cd138c5e4d7a07df4b4516229793751b28f80309508902d51 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/06/20 7:27 a.m.5 views

MAL-2022-2350 Malicious code in datadog-app-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5c23ab02e94b66cf9d5a3d565de9ba699bdbdb31faf3eeed5b78fca3bf1ab2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/06/20 7:27 a.m.9 views

MAL-2022-2349 Malicious code in datadog-app-stream-admin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e2bb8c835585dd549dff499a67f8ac42c774755fe17d7c7f54561aa816afca2c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/06/20 7:27 a.m.13 views

MAL-2022-2343 Malicious code in datadog-agent-github-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9002ec7ae8e71f521014b440d4e81aea944c0c36aca8f9cd4c01bd5e609626cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/05/17 12:33 a.m.20 views

Exposure of Sensitive Information in Jenkins Datadog plugin

The Datadog Plugin stores an API key to access the Datadog service in the global Jenkins configuration. While the API key is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the API key for example through browser...

4.3CVSS1.1AI score0.01038EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/17 12:33 a.m.19 views

GHSA-HF7W-F4H4-9XP8 Exposure of Sensitive Information in Jenkins Datadog plugin

The Datadog Plugin stores an API key to access the Datadog service in the global Jenkins configuration. While the API key is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the API key for example through browser...

3.1CVSS3.5AI score0.01038EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/05/13 1:30 a.m.6 views

com.piketec.jenkins.plugins:piketec-tpt (=6.3), io.jenkins.plugins:aws-lambda-cloud (>=0.3 <=0.4) +14 more potentially affected by CVE-2015-8103 via org.jenkins-ci.main:cli (>=1.626 <=1.637)

org.jenkins-ci.main:cli MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =1.626, =1.1.0, =0.1, =0.2, =0.1, =2.4, =1.626, =1.21, =1.0.3, =1.0.18 and more Source cves: CVE-2015-8103 Source advisory: OSV:GHSA-WFW7-6632-XCV2...

9.8CVSS7.2AI score0.86829EPSS
Exploits12
vulnersOsv
vulnersOsv
added 2022/05/13 1:30 a.m.10 views

com.piketec.jenkins.plugins:piketec-tpt (=6.3), io.jenkins.plugins:aws-lambda-cloud (>=0.3 <=0.4) +13 more potentially affected by CVE-2015-5318 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.637)

org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =1.1.0, =0.1, =0.2, =0.1, =2.4, =1.626, =1.21, =1.0.3, =1.0, =2.0.27 Source cves: CVE-2015-5318 Source advisory: OSV:GHSA-3WMV-7PHP-RHG5...

6.8CVSS7.2AI score0.0116EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 1:30 a.m.4 views

com.piketec.jenkins.plugins:piketec-tpt (=6.3), io.jenkins.plugins:aws-lambda-cloud (>=0.3 <=0.4) +13 more potentially affected by CVE-2015-5326 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.637)

org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =1.1.0, =0.1, =0.2, =0.1, =2.4, =1.626, =1.21, =1.0.3, =1.0, =2.0.27 Source cves: CVE-2015-5326 Source advisory: OSV:GHSA-5MWR-JG3R-JV66...

4.3CVSS7.2AI score0.01786EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 1:30 a.m.5 views

com.piketec.jenkins.plugins:piketec-tpt (=6.3), io.jenkins.plugins:aws-lambda-cloud (>=0.3 <=0.4) +13 more potentially affected by CVE-2015-5322 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.637)

org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =1.1.0, =0.1, =0.2, =0.1, =2.4, =1.626, =1.21, =1.0.3, =1.0, =2.0.27 Source cves: CVE-2015-5322 Source advisory: OSV:GHSA-89VC-7FRQ-2RFJ...

5CVSS7.2AI score0.03156EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 1:30 a.m.5 views

com.piketec.jenkins.plugins:piketec-tpt (=6.3), io.jenkins.plugins:aws-lambda-cloud (>=0.3 <=0.4) +13 more potentially affected by CVE-2015-5323 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.637)

org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =1.1.0, =0.1, =0.2, =0.1, =2.4, =1.626, =1.21, =1.0.3, =1.0, =2.0.27 Source cves: CVE-2015-5323 Source advisory: OSV:GHSA-X4M5-J4X4-4WJG...

6.5CVSS7.2AI score0.01491EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/01/14 7:0 p.m.19 views

7Rapid Questions: Stephen Donnelly

At Rapid7, there's no shortage of passionate leaders looking to challenge convention and make an impact. Our "7Rapid Questions" series is a way to highlight some of the amazing work taking place behind the scenes, and the exciting growth opportunities available in our global offices. For this...

Exploits0
GithubExploit
GithubExploit
added 2021/12/15 9:1 a.m.287 views

Exploit for Expression Language Injection in Apache Log4J

CVE-2021-45046-Info Oh no another one POC $ctx:apive...

9CVSS8.3AI score0.99977EPSS
Exploits40
BDU FSTEC
BDU FSTEC
added 2021/12/01 12:0 a.m.6 views

The vulnerability in the implementation of the Datadog integration configuration for software platforms based on Git, which allows attackers to perform cross-site scripting attacks.

The vulnerability in the implementation of the Datadog integration configuration for software platforms based on Git, which facilitates collaborative code development on GitLab, is related to insufficient protection of the apikeysurl web page structure. Exploiting this vulnerability could allow a...

7.7CVSS6.2AI score0.00912EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2021/11/05 12:15 a.m.31 views

CVE-2021-22260

A stored Cross-Site Scripting vulnerability in the DataDog integration in all versions of GitLab CE/EE starting from 13.7 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to execute arbitrary JavaScript code on the...

7.7CVSS0.00912EPSS
Exploits1References3
OSV
OSV
added 2021/11/05 12:15 a.m.29 views

CVE-2021-22260

A stored Cross-Site Scripting vulnerability in the DataDog integration in all versions of GitLab CE/EE starting from 13.7 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to execute arbitrary JavaScript code on the...

5.4CVSS6.3AI score0.00912EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2021/11/05 12:15 a.m.16 views

CVE-2021-22260

A stored Cross-Site Scripting vulnerability in the DataDog integration in all versions of GitLab CE/EE starting from 13.7 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to execute arbitrary JavaScript code on the...

7.7CVSS7AI score0.00912EPSS
Exploits1References1
Prion
Prion
added 2021/11/05 12:15 a.m.16 views

Cross site scripting

A stored Cross-Site Scripting vulnerability in the DataDog integration in all versions of GitLab CE/EE starting from 13.7 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to execute arbitrary JavaScript code on the...

3.5CVSS5.3AI score0.00912EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/11/04 11:10 p.m.34 views

CVE-2021-22260

A stored Cross-Site Scripting vulnerability in the DataDog integration in all versions of GitLab CE/EE starting from 13.7 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to execute arbitrary JavaScript code on the...

7.7CVSS7.1AI score0.00912EPSS
Exploits1References3
Rows per page
Query Builder