Lucene search
K

848 matches found

Cvelist
Cvelist
added 2020/07/15 5:34 p.m.24 views

CVE-2020-2983

Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager component: Data Masking. Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

7.1CVSS7.2AI score0.01103EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/06/16 9:25 a.m.34 views

CVE-2020-2182

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask i.e., replace with asterisks secrets containing a $ character in some circumstances...

4CVSS2.8AI score0.00881EPSS
Exploits0References4
OSV
OSV
added 2020/05/06 1:15 p.m.17 views

CVE-2020-2182

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask i.e., replace with asterisks secrets containing a $ character in some circumstances...

4.3CVSS6.5AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/05/06 12:0 a.m.5 views

PT-2020-15394 · Jenkins · Jenkins Credentials Binding Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Credentials Binding Plugin versions 1.22 and earlier Description: The issue concerns the Jenkins Credentials Binding Plugin, where secrets are not masked in the build log when the build contains no build steps. This affects the securi...

6.5CVSS6.2AI score0.01087EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2020/05/06 12:0 a.m.5 views

PT-2020-15395 · Jenkins · Jenkins Credentials Binding Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Credentials Binding Plugin versions 1.22 and earlier Description: The issue concerns the masking of secrets in the Jenkins Credentials Binding Plugin. Secrets containing a $ character are not properly masked in certain circumstances,...

4.3CVSS5.1AI score0.00881EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2020/03/29 7:55 a.m.30 views

CVE-2019-11763

A flaw was found in Mozilla Firefox and Thunderbird where null bytes were incorrectly parsed in HTML entities. This could lead to HTML comments being treated as code which could lead to XSS in a web application or HTML entities being masked from filters...

6.1CVSS1.5AI score0.00994EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/01/08 7:59 p.m.22 views

CVE-2019-11763

Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML...

6.7AI score0.00994EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/10/24 9:19 p.m.4 views

ansible: sub parameters marked as no_log are not masked in certain failure scenarios

A flaw was found in ansible. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processed. As a result, data in the sub parameter fields will not be...

7.3CVSS7.2AI score0.00427EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/10/24 9:19 p.m.5 views

ansible: sub parameters marked as no_log are not masked in certain failure scenarios

A flaw was found in ansible. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processed. As a result, data in the sub parameter fields will not be...

7.3CVSS7.2AI score0.00427EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2019/10/23 12:0 a.m.35 views

CVE-2019-11763

Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML...

6.1CVSS6.9AI score0.00994EPSS
Exploits0References5
OSV
OSV
added 2019/10/14 3:15 p.m.1 views

DEBIAN-CVE-2019-14858

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

5.5CVSS6.1AI score0.00427EPSS
Exploits0References1
NVD
NVD
added 2019/10/14 3:15 p.m.34 views

CVE-2019-14858

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

7.3CVSS5.9AI score0.00427EPSS
Exploits0References8
Prion
Prion
added 2019/10/14 3:15 p.m.25 views

Design/Logic Flaw

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

2.1CVSS6.1AI score0.00427EPSS
Exploits0References8Affected Software2
PyPA
PyPA
added 2019/10/14 3:15 p.m.6 views

PYSEC-2019-171

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

7.3CVSS6.7AI score0.00427EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2019/10/14 2:36 p.m.259 views

CVE-2019-14858

CVE-2019-14858 affects Ansible engine 2.x up to 2.8 and Ansible Tower 3.x up to 3.5. Root cause: when a module has sub-parameters marked as no_log, an invalid parameter name can cause the task to fail before masking in the sub-parameters is processed, causing data in those fields to be exposed in...

7.3CVSS5.4AI score0.00427EPSS
Exploits0References8Affected Software2
AlpineLinux
AlpineLinux
added 2019/10/14 2:36 p.m.41 views

CVE-2019-14858

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

7.3CVSS5.6AI score0.00427EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2019/10/11 3:0 p.m.19 views

CVE-2019-14858

A flaw was found in ansible. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processed. As a result, data in the sub parameter fields will not be...

7.3CVSS3.5AI score0.00427EPSS
Exploits0References3
Fedora
Fedora
added 2019/09/06 12:59 p.m.26 views

[SECURITY] Fedora 29 Update: lxcfs-3.0.4-1.fc29

LXCFS is a simple userspace filesystem designed to work around some current limitations of the Linux kernel. Specifically, it's providing two main things - A set of files which can be bind-mounted over their /proc originals to provide CGroup-aware values. - A cgroupfs-like tree which is container...

9.3CVSS2.9AI score0.9857EPSS
Exploits33
NVD
NVD
added 2019/08/07 3:15 p.m.26 views

CVE-2019-10367

Due to an incomplete fix of CVE-2019-10343, Jenkins Configuration as Code Plugin 1.26 and earlier did not properly apply masking to some values expected to be hidden when logging the configuration being applied...

5.5CVSS4.1AI score0.00382EPSS
Exploits0References2
Prion
Prion
added 2019/08/07 3:15 p.m.23 views

Authorization

Due to an incomplete fix of CVE-2019-10343, Jenkins Configuration as Code Plugin 1.26 and earlier did not properly apply masking to some values expected to be hidden when logging the configuration being applied...

2.1CVSS4.2AI score0.00382EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder