Lucene search
K

1393 matches found

Prion
Prion
added 2023/08/08 6:15 p.m.23 views

Spoofing

Azure DevOps Server Spoofing Vulnerability...

6.8CVSS6.4AI score0.00651EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/08 5:8 p.m.23 views

CVE-2023-36869 Azure DevOps Server Spoofing Vulnerability

...

6.3CVSS6.8AI score0.00651EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/08 5:8 p.m.27 views

CVE-2023-36869 Azure DevOps Server Spoofing Vulnerability

...

6.3CVSS6.9AI score0.00651EPSS
Exploits0References1
CVE
CVE
added 2023/08/08 5:8 p.m.125 views

CVE-2023-36869

CVE-2023-36869 corresponds to a spoofing vulnerability in Microsoft Azure DevOps Server. Connected sources specify that the flaw allows an attacker to pretend to be another user, i.e., UI spoofing, with CVSS v3.1 base metrics: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L (base 6.3). The vulnerability is c...

6.3CVSS6.5AI score0.00651EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2023/08/08 7:0 a.m.39 views

Azure DevOps Server Spoofing Vulnerability

...

6.3CVSS7.1AI score0.00651EPSS
Exploits0
NCSC
NCSC
added 2023/08/08 12:0 a.m.7 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit the vulnerabilities to impersonate another user, potentially gaining access gain access to sensitive data in the victim's context, or execute code with the victim's privileges. Successful exploitation...

7CVSS6.5AI score0.01314EPSS
Exploits0
CNNVD
CNNVD
added 2023/08/08 12:0 a.m.9 views

Microsoft Azure DevOps Server 安全漏洞

Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. The Microsoft Azure DevOps Server spoofing vulnerability can be exploited by attackers...

6.3CVSS6.6AI score0.00651EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2023/08/08 12:0 a.m.94 views

KLA51717 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A spoofing...

8.8CVSS9.5AI score0.74288EPSS
Exploits1References35
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.5 views

PT-2023-25730 · Microsoft · Azure Devops Server

Name of the Vulnerable Software and Affected Versions: Azure DevOps Server affected versions not specified Description: The issue is related to a spoofing vulnerability. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-wor...

6.3CVSS9.3AI score0.00651EPSS
Exploits0References4
OSV
OSV
added 2023/07/26 9:30 p.m.18 views

GHSA-CJ2X-R74Q-VCX9 Missing authorization in Jenkins Plug-in for ServiceNow

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

7.7CVSS7.4AI score0.00595EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/07/26 9:30 p.m.29 views

Missing authorization in Jenkins Plug-in for ServiceNow

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

7.7CVSS6.6AI score0.00595EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2023/07/26 7:15 p.m.32 views

CVE-2023-3442

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

7.7CVSS7.5AI score0.00595EPSS
Exploits0References1
OSV
OSV
added 2023/07/26 7:15 p.m.3 views

CVE-2023-3442

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

7.5CVSS5.8AI score0.00595EPSS
Exploits0References1
NVD
NVD
added 2023/07/26 7:15 p.m.13 views

CVE-2023-3414

A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for...

6.5CVSS6.5AI score0.00356EPSS
Exploits0References1
OSV
OSV
added 2023/07/26 7:15 p.m.4 views

CVE-2023-3414

A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for...

6.5CVSS5.7AI score0.00356EPSS
Exploits0References1
Prion
Prion
added 2023/07/26 7:15 p.m.18 views

Authorization

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

5CVSS7.4AI score0.00595EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/07/26 7:15 p.m.19 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for...

4.3CVSS6.3AI score0.00356EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/26 6:32 p.m.30 views

CVE-2023-3442 Missing Authorization in Jenkins plug-in for ServiceNow DevOps

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

7.7CVSS7.7AI score0.00595EPSS
Exploits0References1
CVE
CVE
added 2023/07/26 6:32 p.m.255 views

CVE-2023-3442

CVE-2023-3442 affects the Jenkins Plug-in for ServiceNow DevOps prior to version 1.38.1. The issue is a missing authorization check that could allow exposure of sensitive information when exploited. The advisory explicitly recommends updating the plugin on Jenkins servers to 1.38.1; no changes ar...

7.7CVSS7.4AI score0.00595EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/26 6:32 p.m.17 views

CVE-2023-3442 Missing Authorization in Jenkins plug-in for ServiceNow DevOps

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

7.7CVSS6.5AI score0.00595EPSS
Exploits0References1
Rows per page
Query Builder