Debian: Security Advisory (DSA-1970-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DLA-196-1)
The remote host is missing an update for the Debian...
Arbitrary Code Execution
jenkins-2-plugins is vulnerable to Arbitrary Code Execution. An attacker can inject and execute arbitrary code within the Jenkins JVM controller through maliciously crafted untrusted libraries or pipelines...
PT-2023-13256 · Qualcomm · Qualcomm Ipc
Name of the Vulnerable Software and Affected Versions: Qualcomm IPC affected versions not specified Description: The issue is related to memory corruption due to improper authentication in Qualcomm IPC while loading unsigned libraries in the audio processing domain. Recommendations: At the moment...
jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
Libraries: Untrusted users can modify some Pipeline libraries in Pipeline Shared Groovy Libraries Plugin
A flaw was found in the Jenkins Pipeline: Shared Groovy Libraries plugin. The Jenkins Pipeline: Shared Groovy Libraries plugin allows attackers to submit pull requests. However, the attacker cannot commit directly to the configured Source Control Management (SCM) to effectively change the Pipeline...
jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
[SECURITY] Fedora 37 Update: stb-0^20230129git5736b15-0.2.fc37
Single-file public domain libraries for C/C++...
[SECURITY] Fedora 36 Update: stb-0^20230129git5736b15-0.2.fc36
Single-file public domain libraries for C/C++...
The vulnerability of Zyxel 5G NR/4G LTE CPE router servers’ libraries allows a hacker to execute arbitrary commands and cause service interruptions.
The vulnerability of the Zyxel 5G NR/4G LTE CPE router server libraries is due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and cause service failures...
Jenkins plugins Multiple Vulnerabilities (2022-10-19)
According to their self-reported version numbers, the versions of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Script Security Plugi...
CVE-2021-4327 SerenityOS TypedArray.cpp initialize_typed_array_from_array_buffer integer overflow
A vulnerability was found in SerenityOS. It has been rated as critical. Affected by this issue is the function initialize_typed_array_from_array_buffer in the library Userland/Libraries/LibJS/Runtime/TypedArray.cpp. The manipulation leads to integer overflow. The exploit has been disclosed to the publ...
The vulnerability of the server-side application library for creating reports from TIBCO JasperReports Library, JasperReports Library for ActiveMatrix BPM, JasperReports Server, JasperReports Server for AWS Marketplace, and JasperReports Server for ActiveMatrix BPM arises from an incorrect limitation on the path to the restricted directory. This allows attackers to disclose sensitive information that should be protected.
The vulnerability of the server-side application libraries for creating reports, such as the TIBCO JasperReports Library, JasperReports Library for ActiveMatrix BPM, JasperReports Server, JasperReports Server for AWS Marketplace, and JasperReports Server for ActiveMatrix BPM, is related to an...
Fedora: Security Advisory for plasma-workspace (FEDORA-2023-e31c3e4b6c)
The remote host is missing an update for the...
Exploit for Code Injection in Underscorejs Underscore
Detection-script-for-cve-2021-23358 Detection script for cve-2...
[SECURITY] Fedora 37 Update: plasma-workspace-5.27.1-1.fc37
Plasma 5 libraries and runtime components...