1885 matches found
CVE-2021-41004
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series versions: Firmware below v1.0.7.0...
CVE-2021-41005
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series versions: Firmware below v1.0.7.0...
Design/Logic Flaw
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series versions: Firmware below v1.0.7.0...
Design/Logic Flaw
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series versions: Firmware below v1.0.7.0...
CVE-2021-41004
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series versions: Firmware below v1.0.7.0...
CVE-2021-41005
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series versions: Firmware below v1.0.7.0...
CVE-2021-41004
CVE-2021-41004 affects Aruba Instant On 1930 Switch Series with firmware versions below 1.0.7.0. The vulnerability is remote, with network access and low attack complexity, yielding a high impact (availability impact, CVSSv3.1 base score 7.5). Root cause indicated by connected sources as an input...
CVE-2021-41005
The CVE-2021-41005 case concerns Aruba Instant On 1930 Switch Series. A remote vulnerability affects firmware versions below 1.0.7.0, caused by an input validation error in the device’s handling of user-supplied input. Exposures: remote attacker can trigger a denial of service (DoS). No exploitat...
Aruba Instant 输入验证错误漏洞
Aruba Instant is a wireless network from Aruba USA. provides the only Wi-Fi solution that is easy to set up. An input validation error vulnerability exists in Aruba Instant On 1930 switches due to insufficient validation of user-supplied input. A remote user could pass specially crafted input to ...
Aruba Instant 输入验证错误漏洞
Aruba Instant is a wireless network from Aruba USA. provides the only Wi-Fi solution that is easy to set up. An input validation error vulnerability exists in Aruba Instant On 1930 switches due to insufficient validation of user-supplied input. A remote attacker could pass specially crafted input...
Cooldown tricking possible
Lines of code Vulnerability details Impact Due to an approach that upon a transfer the weighted average is calculated for the cooldown, it is possible to trick it in a way that ready funds can "thrive" in the allowed window, ready to payout. Anytime it is ending, those funds can be "mixed" with...
Jenkins instant-messaging Plugin信息泄露漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. The vulnerability stems from unencrypted group chat passwords stored in the...
org.jenkins-ci.plugins:mypeople (>=0.3 <=0.3.0.3), org.jenkins-ci.plugins:skype-notifier (>=1.0 <=1.1.0) +2 more potentially affected by CVE-2022-28135 via org.jvnet.hudson.plugins:instant-messaging (>=1.0 <=1.4)
org.jvnet.hudson.plugins:instant-messaging MAVEN version =1.0, =0.3, =1.0, =2.0, =1.0, =unspecified Source cves: CVE-2022-28135 Source advisory: OSV:GHSA-HPM9-FX8V-W45V...
Plaintext storage in Jenkins instant-messaging Plugin
Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
GHSA-HPM9-FX8V-W45V Plaintext storage in Jenkins instant-messaging Plugin
Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2022-28135
Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2022-28135
Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2022-28135
Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
Design/Logic Flaw
Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2022-28135
CVE-2022-28135 affects Jenkins’ instant-messaging Plugin (versions 1.41 and earlier). The vulnerability stems from passwords for group chats being stored unencrypted in the plugin’s global configuration file on the Jenkins controller, exposing them to anyone with access to the controller filesyst...