5 matches found
PT-2025-38598
Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1049 Vasion Print formerly PrinterLogic Application versions prior to 20.0.2786 Description Vasion Print formerly PrinterLogic Virtual Appliance Host and...
UBUNTU-CVE-2024-48936
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via...
GHSA-97WP-63WQ-HFWH Jenkins Ansible Plugin job configuration form does not mask variables
Jenkins Ansible Plugin allows the specification of extra variables that can be passed to Ansible. These extra variables are commonly used to pass secrets. Ansible Plugin 204.v8191fd551ebf and earlier stores these extra variables unencrypted in job config.xml files on the Jenkins controller as par...
Dridex affiliate dresses up as Scrooge
Threat actors are hoping to catch a few more victims before they leave work for the Christmas holidays. The recent malicious spam campaigns malspam we and others have observed appear to have been created by someone who wants to play Scrooge and add onto peoples already heightened state of anxiety...
CVE-2020-29204
XXL-JOB 2.2.0 allows Stored XSS in Add User to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java...