841 matches found
CVE-2020-3547
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance ESA, Cisco Content Security Management Appliance SMA, and Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to access sensitive information on an affecte...
jenkins-credentials-binding-plugin: improper masking of secrets
Jenkins Credentials Binding Plugin 1.22 and earlier does not mask i.e., replace with asterisks secrets containing a $ character in some circumstances...
RHEL 7 : OpenShift Container Platform 4.5.6 (RHSA-2020:3453)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3453 advisory. The Matrix Project is a module which handles creating Jenkins multi-configuration projects matrix projects. Matrix Authorization allows...
Decades-Old Email Flaws Could Let Attackers Mask Their Identities
Researchers found 18 exploits that take advantage of inconsistencies in the email plumbing most people never think about...
The vulnerability of the Data Masking component regarding data copying from working Oracle systems allows attackers to modify, add, or delete data, or gain unauthorized access to protected information.
The vulnerability of Data Masking in copying data from Oracle workstations exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to protected information...
CVE-2020-4408
The IBM QRadar Advisor 1.1 through 2.5.2 with Watson App for IBM QRadar SIEM does not adequately mask all passwords during input, which could be obtained by a physical attacker nearby. IBM X-Force ID: 179536...
CVE-2020-4408
The IBM QRadar Advisor 1.1 through 2.5.2 with Watson App for IBM QRadar SIEM does not adequately mask all passwords during input, which could be obtained by a physical attacker nearby. IBM X-Force ID: 179536...
jenkins-credentials-binding-plugin: improper masking of secrets
Jenkins Credentials Binding Plugin 1.22 and earlier does not mask i.e., replace with asterisks secrets containing a $ character in some circumstances...
CVE-2020-2983
Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2020-2983
Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
Design/Logic Flaw
Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2020-2983
Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2020-2983
Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2020-2983
The CVE-2020-2983 entry describes a vulnerability in Oracle Data Masking and Subsetting (Oracle Enterprise Manager), specifically in the Data Masking component. Affected are Oracle Enterprise Manager versions 13.3.0.0 and 13.4.0.0. The flaw permits a low-privileged attacker with network access vi...
CVE-2020-2182
Jenkins Credentials Binding Plugin 1.22 and earlier does not mask i.e., replace with asterisks secrets containing a $ character in some circumstances...
CVE-2020-2182
Jenkins Credentials Binding Plugin 1.22 and earlier does not mask i.e., replace with asterisks secrets containing a $ character in some circumstances...
PT-2020-15394 · Jenkins · Jenkins Credentials Binding Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Credentials Binding Plugin versions 1.22 and earlier Description: The issue concerns the Jenkins Credentials Binding Plugin, where secrets are not masked in the build log when the build contains no build steps. This affects the securi...
PT-2020-15395 · Jenkins · Jenkins Credentials Binding Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Credentials Binding Plugin versions 1.22 and earlier Description: The issue concerns the masking of secrets in the Jenkins Credentials Binding Plugin. Secrets containing a $ character are not properly masked in certain circumstances,...
CVE-2019-11763
A flaw was found in Mozilla Firefox and Thunderbird where null bytes were incorrectly parsed in HTML entities. This could lead to HTML comments being treated as code which could lead to XSS in a web application or HTML entities being masked from filters...
CVE-2019-11763
Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML...