Lucene search
K

841 matches found

OSV
OSV
added 2020/09/04 3:15 a.m.2 views

CVE-2020-3547

A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance ESA, Cisco Content Security Management Appliance SMA, and Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to access sensitive information on an affecte...

6.5CVSS6.7AI score0.00875EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/08/18 5:4 a.m.2 views

jenkins-credentials-binding-plugin: improper masking of secrets

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask i.e., replace with asterisks secrets containing a $ character in some circumstances...

4.3CVSS6.1AI score0.00881EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/08/18 12:0 a.m.26 views

RHEL 7 : OpenShift Container Platform 4.5.6 (RHSA-2020:3453)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3453 advisory. The Matrix Project is a module which handles creating Jenkins multi-configuration projects matrix projects. Matrix Authorization allows...

7.5CVSS6AI score0.01359EPSS
Exploits1References12
Wired Threat Level
Wired Threat Level
added 2020/08/04 7:43 p.m.20 views

Decades-Old Email Flaws Could Let Attackers Mask Their Identities

Researchers found 18 exploits that take advantage of inconsistencies in the email plumbing most people never think about...

3.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/07/29 12:0 a.m.5 views

The vulnerability of the Data Masking component regarding data copying from working Oracle systems allows attackers to modify, add, or delete data, or gain unauthorized access to protected information.

The vulnerability of Data Masking in copying data from Oracle workstations exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to protected information...

7.5CVSS7.3AI score0.01103EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2020/07/27 2:15 p.m.15 views

CVE-2020-4408

The IBM QRadar Advisor 1.1 through 2.5.2 with Watson App for IBM QRadar SIEM does not adequately mask all passwords during input, which could be obtained by a physical attacker nearby. IBM X-Force ID: 179536...

4.6CVSS4.3AI score0.00311EPSS
Exploits0References2
OSV
OSV
added 2020/07/27 2:15 p.m.1 views

CVE-2020-4408

The IBM QRadar Advisor 1.1 through 2.5.2 with Watson App for IBM QRadar SIEM does not adequately mask all passwords during input, which could be obtained by a physical attacker nearby. IBM X-Force ID: 179536...

4.6CVSS5.8AI score0.00311EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/07/27 1:50 p.m.2 views

jenkins-credentials-binding-plugin: improper masking of secrets

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask i.e., replace with asterisks secrets containing a $ character in some circumstances...

4.3CVSS6AI score0.00881EPSS
Exploits0References5
OSV
OSV
added 2020/07/15 6:15 p.m.4 views

CVE-2020-2983

Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

7.1CVSS7.2AI score0.01103EPSS
Exploits0References1
NVD
NVD
added 2020/07/15 6:15 p.m.20 views

CVE-2020-2983

Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

7.1CVSS0.01103EPSS
Exploits0References1
Prion
Prion
added 2020/07/15 6:15 p.m.13 views

Design/Logic Flaw

Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

5.5CVSS7AI score0.01103EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/07/15 5:34 p.m.9 views

CVE-2020-2983

Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

7.1CVSS6.7AI score0.01103EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/15 5:34 p.m.23 views

CVE-2020-2983

Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

7.1CVSS7.2AI score0.01103EPSS
Exploits0References1
CVE
CVE
added 2020/07/15 5:34 p.m.38 views

CVE-2020-2983

The CVE-2020-2983 entry describes a vulnerability in Oracle Data Masking and Subsetting (Oracle Enterprise Manager), specifically in the Data Masking component. Affected are Oracle Enterprise Manager versions 13.3.0.0 and 13.4.0.0. The flaw permits a low-privileged attacker with network access vi...

7.1CVSS7AI score0.01103EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2020/06/16 9:25 a.m.33 views

CVE-2020-2182

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask i.e., replace with asterisks secrets containing a $ character in some circumstances...

4CVSS2.8AI score0.00881EPSS
Exploits0References4
OSV
OSV
added 2020/05/06 1:15 p.m.16 views

CVE-2020-2182

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask i.e., replace with asterisks secrets containing a $ character in some circumstances...

4.3CVSS6.5AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/05/06 12:0 a.m.5 views

PT-2020-15394 · Jenkins · Jenkins Credentials Binding Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Credentials Binding Plugin versions 1.22 and earlier Description: The issue concerns the Jenkins Credentials Binding Plugin, where secrets are not masked in the build log when the build contains no build steps. This affects the securi...

6.5CVSS6.2AI score0.01087EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2020/05/06 12:0 a.m.4 views

PT-2020-15395 · Jenkins · Jenkins Credentials Binding Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Credentials Binding Plugin versions 1.22 and earlier Description: The issue concerns the masking of secrets in the Jenkins Credentials Binding Plugin. Secrets containing a $ character are not properly masked in certain circumstances,...

4.3CVSS5.1AI score0.00881EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2020/03/29 7:55 a.m.30 views

CVE-2019-11763

A flaw was found in Mozilla Firefox and Thunderbird where null bytes were incorrectly parsed in HTML entities. This could lead to HTML comments being treated as code which could lead to XSS in a web application or HTML entities being masked from filters...

6.1CVSS1.5AI score0.00994EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/01/08 7:59 p.m.22 views

CVE-2019-11763

Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML...

6.7AI score0.00994EPSS
Exploits0References6
Rows per page
Query Builder