1313 matches found

Positive Technologies
added 2022/05/10 12:00 a.m. · 6 views

PT-2022-19298 · D Link · Dir-882

Name of the Vulnerable Software and Affected Versions: D-Link DIR882 version DIR882A1 FW130B06 Description: A command injection issue exists in the /setnetworksettings/SubnetMask component, allowing attackers to escalate privileges to root by sending a crafted payload. Recommendations: For versio...

CVSS 10 · AI score 9.5 · EPSS 0.03598
Exploits 1 · References 3

WPVulnDB
added 2022/05/03 12:00 a.m. · 21 views

Content Mask < 1.8.4.1 - Subscriber+ Arbitrary Options Update

The plugin does not have authorisation and CSRF checks in various AJAX actions, and does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as a subscriber, could modify arbitrary blog options. PoC: POST /wp-admin/admin-ajax.php...

CVSS 4.3 · AI score 1.4 · EPSS 0.01052
Exploits 3 · Affected Software 1

CNNVD
added 2022/05/03 12:00 a.m. · 5 views

GitLab Information Disclosure Vulnerability

GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community edition of GitLab. An information disclosure vulnerability exists in GitLab Community Edition versions...

CVSS 7.5 · AI score 7.3 · EPSS 0.00867
Exploits 0 · References 5

Patchstack
added 2022/05/03 12:00 a.m. · 28 views

WordPress Content Mask plugin <= 1.8.4 - Arbitrary Options Update vulnerability

Arbitrary Options Update vulnerability discovered by ptsfence in WordPress Content Mask plugin (versions <= 1.8.4). Solution: Update the WordPress Content Mask plugin to the latest available version (at least 1.8.4.1)...

CVSS 4.3 · AI score 3.2 · EPSS 0.01052
Exploits 3 · References 3 · Affected Software 1

wpexploit
added 2022/05/03 12:00 a.m. · 103 views

Content Mask < 1.8.4.1 - Subscriber+ Arbitrary Options Update

The plugin does not have authorisation and CSRF checks in various AJAX actions, and does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as a subscriber, could modify arbitrary blog options. POST /wp-admin/admin-ajax.php...

CVSS 4.3 · AI score 0.6 · EPSS 0.01052
Exploits 3

OSV
added 2022/04/24 10:36 p.m. · 6 views

GSD-2022-1002349 af_netlink: Fix shift out of bounds in group mask calculation

af_netlink: Fix shift out of bounds in group mask calculation. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.238 by commit...

AI score 7.2
Exploits 0

OSV
added 2022/04/24 10:08 p.m. · 6 views

GSD-2022-1002075 af_netlink: Fix shift out of bounds in group mask calculation

af_netlink: Fix shift out of bounds in group mask calculation. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.110 by commit...

AI score 7.2
Exploits 0

OSV
added 2022/04/24 9:45 p.m. · 7 views

GSD-2022-1001827 af_netlink: Fix shift out of bounds in group mask calculation

af_netlink: Fix shift out of bounds in group mask calculation. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.33 by commit...

AI score 7.2
Exploits 0

OSV
added 2022/04/24 9:18 p.m. · 6 views

GSD-2022-1001511 af_netlink: Fix shift out of bounds in group mask calculation

af_netlink: Fix shift out of bounds in group mask calculation. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...

AI score 7.2
Exploits 0

OSV
added 2022/04/24 8:52 p.m. · 7 views

GSD-2022-1001194 af_netlink: Fix shift out of bounds in group mask calculation

af_netlink: Fix shift out of bounds in group mask calculation. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...

AI score 7.2
Exploits 0

OSV
added 2022/04/13 12:00 a.m. · 31 views

GHSA-PJM3-F4VH-3H3H Stored Cross-site Scripting in Jenkins Mask Passwords Plugin

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. Exploitation of this...

CVSS 5.4 · AI score 5.7 · EPSS 0.00798
Exploits 0 · References 4

Github Security Blog
added 2022/04/13 12:00 a.m. · 27 views

Stored Cross-site Scripting in Jenkins Mask Passwords Plugin

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. Exploitation of this...

CVSS 5.4 · AI score 5.6 · EPSS 0.00798
Exploits 0 · References 4 · Affected Software 1

ATTACKERKB
added 2022/04/12 8:15 p.m. · 3 views

CVE-2022-29043

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...

CVSS 5.4 · AI score 6.1 · EPSS 0.00798
Exploits 0 · References 2

NVD
added 2022/04/12 8:15 p.m. · 23 views

CVE-2022-29043

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...

CVSS 5.4 · EPSS 0.00798
Exploits 0 · References 1

Prion
added 2022/04/12 8:15 p.m. · 22 views

Cross site scripting

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...

CVSS 3.5 · AI score 5.2 · EPSS 0.00798
Exploits 0 · References 1 · Affected Software 1

AlpineLinux
added 2022/04/12 7:50 p.m. · 45 views

CVE-2022-29043

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...

CVSS 5.4 · AI score 2.7 · EPSS 0.00798
Exploits 0 · References 1

Cvelist
added 2022/04/12 7:50 p.m. · 26 views

CVE-2022-29043

Jenkins Mask Passwords Plugin 3.0 and earlier does not escape the name and description of Non-Stored Password parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...

AI score 5.7 · EPSS 0.00798
Exploits 0 · References 1

CVE
added 2022/04/12 7:50 p.m. · 101 views

CVE-2022-29043

The CVE-2022-29043 entry describes a stored XSS vulnerability in Jenkins Mask Passwords Plugin (version 3.0 and earlier). The flaw arises because the plugin does not escape the name and description of Non-Stored Password parameters on parameter views, enabling an attacker with Item/Configure perm...

CVSS 5.4 · AI score 5.3 · EPSS 0.00798
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2022/04/12 12:00 a.m. · 6 views

PT-2022-19383 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins Mask Passwords Plugin versions 3.0 and earlier Description: The issue results in a stored cross-site scripting (XSS) vulnerability, which is exploitable by attackers with Item/Configure permission. This occurs because the plugin does no...

CVSS 5.4 · AI score 5.5 · EPSS 0.00798
Exploits 0 · References 7

CNNVD
added 2022/04/12 12:00 a.m. · 3 views

Jenkins Mask Passwords Plugin Cross-Site Scripting Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. A cross-site scripting vulnerability exis...

CVSS 5.4 · AI score 5.3 · EPSS 0.00798
Exploits 0 · References 4