Lucene search
K

1393 matches found

Cvelist
Cvelist
added 2023/07/26 6:20 p.m.24 views

CVE-2023-3414 Cross-Site Request Forgery (CSRF) in Jenkins Plug-in for ServiceNow DevOps

A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for...

6.1CVSS6.8AI score0.00356EPSS
Exploits0References1
CVE
CVE
added 2023/07/26 6:20 p.m.254 views

CVE-2023-3414

CVE-2023-3414 is a Cross-Site Request Forgery vulnerability in the Jenkins Plug-in for ServiceNow DevOps prior to version 1.38.1. Exploitation could lead to exposure of sensitive information via CSRF on form validation without requiring POST? or with improper permission checks. Remediation: upgra...

6.5CVSS6.4AI score0.00356EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/26 6:20 p.m.22 views

CVE-2023-3414 Cross-Site Request Forgery (CSRF) in Jenkins Plug-in for ServiceNow DevOps

A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for...

6.1CVSS6.5AI score0.00356EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/26 12:0 a.m.7 views

Jenkins Plugin ServiceNow DevOps 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin ServiceNow...

6.5CVSS6.3AI score0.00356EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/07/26 12:0 a.m.5 views

Jenkins Plugin ServiceNow DevOps 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin ServiceNow...

7.7CVSS7.3AI score0.00595EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/26 12:0 a.m.5 views

PT-2023-24866 · Jenkins · Jenkins Plug-In For Servicenow Devops +1

Name of the Vulnerable Software and Affected Versions: Jenkins Plug-in for ServiceNow DevOps versions prior to 1.38.1 Description: A missing authorization issue exists that could lead to the unwanted exposure of sensitive information if exploited successfully. Recommendations: For versions prior ...

7.7CVSS7.3AI score0.00595EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/07/26 12:0 a.m.5 views

PT-2023-24694 · Jenkins · Jenkins Plug-In For Servicenow Devops +1

Name of the Vulnerable Software and Affected Versions: Jenkins Plug-in for ServiceNow DevOps versions prior to 1.38.1 Description: A cross-site request forgery issue exists that could cause the unwanted exposure of sensitive information if exploited successfully. Recommendations: For versions pri...

6.5CVSS6.3AI score0.00356EPSS
Exploits0References8
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/07/13 12:0 a.m.8 views

AI Coding Companions: Comparing AWS, GitHub, & Google

Top cloud vendors and software companies are rolling out AI coding companions that use generative AI to speed up and streamline DevOps. In this blog, we take a look at what some of these new tools have in common, where they differ, and what they mean for cybersecurity...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/07/07 12:0 a.m.51 views

Azure DevOps Server 2022 XSS

The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by a cross-site scripting vulnerability. An attacker who successfully exploited the vulnerability could access data that is available for the current user. Depending on the user's...

7.1CVSS7.2AI score0.00887EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/06/19 12:0 a.m.6 views

The vulnerability of the Azure DevOps Server software, related to errors in information presentation on the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of the Azure DevOps Server software relates to errors in information presentation by the user interface. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...

6.5CVSS6.6AI score0.00684EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/19 12:0 a.m.3 views

The vulnerability of the Azure DevOps Server software, related to errors in information presentation on the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of the Azure DevOps Server software relates to errors in information presentation by the user interface. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...

7.5CVSS7.2AI score0.00933EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/06/16 12:0 a.m.23 views

Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (June 2023)

The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by multiple server spoofing vulnerabilities. An attacker who successfully exploited the vulnerability could access data that is available for the current user. Depending on the...

7.1CVSS6.7AI score0.00933EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/14 12:15 a.m.2 views

CVE-2023-21569

Azure DevOps Server Spoofing Vulnerability...

5.5CVSS6.8AI score0.00684EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2023/06/14 12:15 a.m.4 views

CVE-2023-21569

Azure DevOps Server Spoofing Vulnerability...

5.5CVSS7.3AI score0.00684EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/14 12:15 a.m.3 views

CVE-2023-21565

Azure DevOps Server Spoofing Vulnerability...

7.1CVSS7.1AI score0.00933EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2023/06/14 12:15 a.m.5 views

CVE-2023-21565

Azure DevOps Server Spoofing Vulnerability...

7.1CVSS7.2AI score0.00933EPSS
Exploits0References1
NVD
NVD
added 2023/06/14 12:15 a.m.19 views

CVE-2023-21569

Azure DevOps Server Spoofing Vulnerability...

5.5CVSS6AI score0.00684EPSS
Exploits0References1
NVD
NVD
added 2023/06/14 12:15 a.m.23 views

CVE-2023-21565

Azure DevOps Server Spoofing Vulnerability...

7.1CVSS6.9AI score0.00933EPSS
Exploits0References1
Prion
Prion
added 2023/06/14 12:15 a.m.20 views

Spoofing

Azure DevOps Server Spoofing Vulnerability...

6CVSS6AI score0.00684EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/14 12:15 a.m.23 views

Spoofing

Azure DevOps Server Spoofing Vulnerability...

5.5CVSS6.8AI score0.00933EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder