155 matches found
new packages: perl-Test-Harness
An update is available for perl-Test-Harness. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
com.antelink.reporter.jenkins.plugin:AntepediaReporter-CI-plugin (>=1.7 <=1.8), com.dubture.jenkins:digitalocean-plugin (>=0.1 <=0.2) +39 more potentially affected by CVE-2014-2058 via org.jenkins-ci.main:jenkins-core (>=1.533 <=1.550)
org.jenkins-ci.main:jenkins-core MAVEN version =1.533, =1.7, =0.1, =1.53, =1.0.0, =0.1, =1.533, =1.533, =1.533, =1.533, =0.1.3, =0.1.5 and more Source cves: CVE-2014-2058 Source advisory: OSV:GHSA-7FPG-PP3M-H22F...
com.antelink.reporter.jenkins.plugin:AntepediaReporter-CI-plugin (>=1.7 <=1.8), com.dubture.jenkins:digitalocean-plugin (>=0.1 <=0.2) +39 more potentially affected by CVE-2014-2066 via org.jenkins-ci.main:jenkins-core (>=1.533 <=1.550)
org.jenkins-ci.main:jenkins-core MAVEN version =1.533, =1.7, =0.1, =1.53, =1.0.0, =0.1, =1.533, =1.533, =1.533, =1.533, =0.1.3, =0.1.5 and more Source cves: CVE-2014-2066 Source advisory: OSV:GHSA-8JFX-H6Q2-V4G3...
hudson.plugins.concurrent_login:concurrent-login-plugin (>=0.5 <=0.7), org.jenkins-ci.main:jenkins-test-harness (=1.513) +4 more potentially affected by CVE-2013-2034 via org.jenkins-ci.main:jenkins-core (=1.513)
org.jenkins-ci.main:jenkins-core MAVEN version =1.513 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.main:jenkins-core and may be impacted: - hudson.plugins.concurrentlogin:concurrent-login-plugin =0.5, =0.7 -...
com.elasticbox.jenkins-ci.plugins:elasticbox (>=4.0.9 <=4.1.0), org.jenkins-ci.lib:xtrigger-lib (=0.36) +13 more potentially affected by CVE-2016-0788 via org.jenkins-ci.main:jenkins-core (>=1.643 <=1.649)
org.jenkins-ci.main:jenkins-core MAVEN version =1.643, =4.0.9, =1.643, =1.643, =1.645, =0.5, =1.648, =4.0.4, =1.0.0, =1.643, =1.0.45, =0.3.2, =0.3.8 - org.jenkins.plugins.statistics.gatherer:statistics-gatherer =1.0.1 Source cves: CVE-2016-0788 Source advisory: OSV:GHSA-J7Q5-H445-F7PC...
com.elasticbox.jenkins-ci.plugins:elasticbox (>=4.0.9 <=4.1.0), org.jenkins-ci.lib:xtrigger-lib (=0.36) +13 more potentially affected by CVE-2016-0789 via org.jenkins-ci.main:jenkins-core (>=1.643 <=1.649)
org.jenkins-ci.main:jenkins-core MAVEN version =1.643, =4.0.9, =1.643, =1.643, =1.645, =0.5, =1.648, =4.0.4, =1.0.0, =1.643, =1.0.45, =0.3.2, =0.3.8 - org.jenkins.plugins.statistics.gatherer:statistics-gatherer =1.0.1 Source cves: CVE-2016-0789 Source advisory: OSV:GHSA-8P3C-M625-WH83...
com.cloudbees.jenkins.plugins:additional-identities-plugin (=1.1), com.sonyericsson.hudson.plugins.rebuild:rebuild (>=1.15 <=1.27) +30 more potentially affected by CVE-2012-6073 via org.jenkins-ci.main:jenkins-core (>=1.481 <=1.490)
org.jenkins-ci.main:jenkins-core MAVEN version =1.481, =1.15, =1.1, =0.2.0, =0.1.0, =1.0.0, =1.481, =1.481, =1.481, =1.481, =1.0, =1.1 - org.jenkins-ci.modules:slave-installer =1.0 - org.jenkins-ci.modules:upstart-slave-installer =1.0 - org.jenkins-ci.modules:windows-slave-installer =1.0 and more...
Improper Neutralization of Input During Web Page Generation in Dojo Dojo Objective Harness
Dojo Dojo Objective Harness DOH version prior to version 1.14 contains a Cross Site Scripting XSS vulnerability in unit.html and testsDOH/base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/base/i18nExhaustive.js in the DOH that can result in Victim attacked through their browser - deliv...
GHSA-VMQ9-CM7M-4P8P Improper Neutralization of Input During Web Page Generation in Dojo Dojo Objective Harness
Dojo Dojo Objective Harness DOH version prior to version 1.14 contains a Cross Site Scripting XSS vulnerability in unit.html and testsDOH/base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/base/i18nExhaustive.js in the DOH that can result in Victim attacked through their browser - deliv...
hudson.plugins.concurrent_login:concurrent-login-plugin (>=0.5 <=0.7), org.jenkins-ci.main:jenkins-test-harness (=1.513) +4 more potentially affected by CVE-2013-2033 via org.jenkins-ci.main:jenkins-core (=1.513)
org.jenkins-ci.main:jenkins-core MAVEN version =1.513 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.main:jenkins-core and may be impacted: - hudson.plugins.concurrentlogin:concurrent-login-plugin =0.5, =0.7 -...
com.piketec.jenkins.plugins:piketec-tpt (=6.3), io.jenkins.plugins:aws-lambda-cloud (>=0.3 <=0.4) +13 more potentially affected by CVE-2015-5323 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.637)
org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =1.1.0, =0.1, =0.2, =0.1, =2.4, =1.626, =1.21, =1.0.3, =1.0, =2.0.27 Source cves: CVE-2015-5323 Source advisory: OSV:GHSA-X4M5-J4X4-4WJG...
com.piketec.jenkins.plugins:piketec-tpt (=6.3), io.jenkins.plugins:aws-lambda-cloud (>=0.3 <=0.4) +13 more potentially affected by CVE-2015-5318 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.637)
org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =1.1.0, =0.1, =0.2, =0.1, =2.4, =1.626, =1.21, =1.0.3, =1.0, =2.0.27 Source cves: CVE-2015-5318 Source advisory: OSV:GHSA-3WMV-7PHP-RHG5...
com.buildcoin.plugins.jenkins:buildcoin-plugin (>=1.0 <=1.4), com.coravy.hudson.plugins.github:github (>=1.1 <=1.8) +99 more potentially affected by CVE-2012-0785 via org.jenkins-ci.main:jenkins-core (>=1.425 <=1.446)
org.jenkins-ci.main:jenkins-core MAVEN version =1.425, =1.0, =1.1, =0.3.2, =1.1, =1.0, =0.1, =1.1, =1.1, =0.2.5, =1.425, =1.425, =1.425, =1.425, =1.446 and more Source cves: CVE-2012-0785 Source advisory: OSV:GHSA-PCHP-C5W8-47GC...
aadetools (>=0.0.3 <=0.0.5), aegea (>=2.0.0 <=2.2.5) +119 more potentially affected by CVE-2021-3572 via pip (>=10.0.0b2 <=21.0.1)
pip PYPI version =10.0.0b2, =0.0.3, =2.0.0, =0.1.2, =0.0.1, =5.1.0, =0.0.1, =0.0.0, =0.0.2, =0.1.0, =0.0.0, =0.1.0.dev1, =0.0.1, =0.0.1, =0.2.3 and more Source cves: CVE-2021-3572 Source advisory: OSV:PYSEC-2021-437...
@codedungeon/gunner (>=0.38.0 <=0.80.1), @codedungeon/laravel-versions-cli (=0.1.0) +22 more potentially affected by CVE-2021-3807 via ansi-regex (>=4.0.0 <=4.1.0)
ansi-regex NPM version =4.0.0, =0.38.0, =0.0.65, =0.0.0, =0.0.41, =0.0.12, =0.0.0, =0.2.0, =3.3.69, =0.0.3, =0.2.11, =5.1.0, =4.0.58, =3.0.58, =6.0.17, =6.1.110 and more Source cves: CVE-2021-3807 Source advisory: OSV:GHSA-93Q8-GQ69-WQMW...
Autoharness - A Tool That Automatically Creates Fuzzing Harnesses Based On A Library
AutoHarness is a tool that automatically generates fuzzing harnesses for you. This idea stems from a concurrent problem in fuzzing codebases today: large codebases have thousands of functions and pieces of code that can be embedded fairly deep into the library. It is very hard or sometimes even...
Fpicker - A Frida-based Fuzzing Suite Supporting Various Modes (Including AFL++ In-Process Fuzzing)
fpicker is a Frida-based fuzzing suite that offers a variety of fuzzing modes for in-process fuzzing, such as an AFL++ mode or a passive tracing mode. It should run on all platforms that are supported by Frida. Installation Instructions Building and Running Creating a Fuzzing Harness Modes and...
Exploit for Improper Input Validation in Vmware View_Planner
CVE-2021-21978 CVE-2021-21978: Remote Code Execution vulnera...
CVE-2021-21978
VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could uploa...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156-Baron-Samedit This repo contains my work on clum...