Lucene search
K

848 matches found

Cvelist
Cvelist
added 2019/08/07 2:20 p.m.25 views

CVE-2019-10367

Due to an incomplete fix of CVE-2019-10343, Jenkins Configuration as Code Plugin 1.26 and earlier did not properly apply masking to some values expected to be hidden when logging the configuration being applied...

4.5AI score0.00382EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/08/07 12:0 a.m.4 views

PT-2019-11763 · Jenkins · Jenkins Configuration As Code Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Configuration as Code Plugin versions 1.26 and earlier Description: The issue arises from an incomplete fix that did not properly apply masking to some values expected to be hidden when logging the configuration being applied. This...

5.5CVSS5.4AI score0.00382EPSS
Exploits0References7
NVD
NVD
added 2019/07/31 1:15 p.m.28 views

CVE-2019-10343

Jenkins Configuration as Code Plugin 1.24 and earlier did not properly apply masking to values expected to be hidden when logging the configuration being applied...

3.3CVSS4.6AI score0.00368EPSS
Exploits0References2
Prion
Prion
added 2019/07/31 1:15 p.m.17 views

Design/Logic Flaw

Jenkins Configuration as Code Plugin 1.24 and earlier did not properly apply masking to values expected to be hidden when logging the configuration being applied...

2.1CVSS4.5AI score0.00368EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/31 12:45 p.m.32 views

CVE-2019-10343

Jenkins Configuration as Code Plugin 1.24 and earlier did not properly apply masking to values expected to be hidden when logging the configuration being applied...

4.1AI score0.00368EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/07/31 12:0 a.m.3 views

PT-2019-11742 · Jenkins · Jenkins Configuration As Code Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Configuration as Code Plugin versions 1.24 and earlier Jenkins Configuration as Code Plugin versions 0.8-alpha through 1.0 Description: The issue concerns the logging of configuration changes by the Configuration as Code Plugin, where...

5.5CVSS4.2AI score0.00368EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2019/03/14 3:40 p.m.36 views

Moderate severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service

Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for...

4.3CVSS2AI score0.01431EPSS
Exploits3References4Affected Software3
OSV
OSV
added 2019/03/14 3:40 p.m.1 views

GHSA-2G9Q-CHQ2-W8QW Moderate severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service

Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for...

4.3CVSS7.2AI score0.01431EPSS
Exploits3References4
Imperva Blog
Imperva Blog
added 2019/03/06 6:54 a.m.53 views

Imperva Wins Awards for Best Database Security, Coolest Cloud Security Vendor

SC Magazine has long been one of the most respected names in cybersecurity journalism, and one that has written about Imperva’s security research and solutions many times. So we’re proud to announce that we’ve won the 2019 SC Award for Best Database Security solution at SC’s awards ceremony on...

Exploits0
Tenable Nessus
Tenable Nessus
added 2019/03/06 12:0 a.m.28 views

Credit Card Disclosure in HTML

The remote web application displays plaintext credit card information without the appropriate masking. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid122648; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/03/07";...

5.5AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/08/24 8:12 p.m.64 views

Static vs Dynamic Data Masking: Why Are We Still Comparing the Two?

Earlier this month a leading analyst released their annual report on the state of Data Masking as a component of the overall Data Security sector; which included commentary on what’s known as ‘static’ data masking and an alternative solution known as ‘dynamic’ data masking. And these two solution...

7.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/07/13 10:23 p.m.66 views

Need for Speed: Optimizing Data Masking Performance and Providing Secure Data for DevOps Users

Let’s start with a pretty common life experience -- you identify a need e.g., transportation, you evaluate your options e.g., evaluate car manufacturers, various features, pricing, etc., and you decide to purchase e.g., vehicle X. This process repeats itself over and over again regardless of the...

Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:42 p.m.24 views

Security Bulletin: Vulnerability in Apache Xerces-C XML parser, including XML4C affects IBM InfoSphere Information Server (CVE-2016-0729)

Summary Open Source Xerces-C XML parser vulnerability affects IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error reportin...

9.8CVSS0.7AI score0.09115EPSS
Exploits0Affected Software1
Imperva Blog
Imperva Blog
added 2018/06/14 3:38 p.m.49 views

Monitoring Data & Data Access to Support Ongoing GDPR Compliance – Part III: Tools

The new European Union EU-wide General Data Protection Regulation GDPR was signed into law in late April 2016, and the compliance deadline came into effect on May 25, 2018. The Regulation is expansive and covers a variety of subject areas, provisions, and actions in the form of documented Article...

0.6AI score
Exploits0
Fedora
Fedora
added 2018/05/16 1:7 p.m.35 views

[SECURITY] Fedora 28 Update: leptonica-1.76.0-1.fc28

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

9.8CVSS1.4AI score0.03739EPSS
Exploits1
n0where
n0where
added 2018/05/02 9:37 p.m.27 views

Command and Control via Legitimate Behavior over HTTP: TrevorC2

TrevorC2 is a client/server model for masking command and control through a normally browsable website. Detection becomes much harder as time intervals are different and does not use POST requests for data exfil. There are two components to TrevorC2 – the client and the server. The client can be...

Exploits0References1
Kitploit
Kitploit
added 2018/03/28 12:51 p.m.26 views

WhoAmIMailBot - A Service To Mask Your Email

What is it? A service to mask your e-mails, it was inspired by Blur service, where you create a alias for your e-mail, and use it to signup on applications, but the problem on Blur, is that all e-mails pass trough they infraestructure, and I don't need anybody looking on my e-mails, to solve that...

7.1AI score
Exploits0References1
Fedora
Fedora
added 2018/03/13 5:20 p.m.45 views

[SECURITY] Fedora 26 Update: leptonica-1.74.4-5.fc26

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

9.8CVSS1.4AI score0.03466EPSS
Exploits1
Imperva Blog
Imperva Blog
added 2018/03/03 6:0 p.m.97 views

Securing Healthcare Data and Applications

The healthcare industry is quickly growing as a sweet spot for hackers to steal large amounts of patient records for profit. The US Department of Health and Human Services breach tool reports over 340 data breaches in 2017 impacting more than 3 million individuals, and 176.5 million individuals...

6.7AI score
Exploits0
n0where
n0where
added 2018/02/28 3:14 a.m.18 views

Targeted Evil Twin Wireless Access Point Attack Toolkit: The Rogue Toolkit

The Rogue Toolkit is an extensible toolkit aimed at providing penetration testers an easy-to-use platform to deploy software-defined Access Points AP for the purpose of conducting penetration testing and red team engagements. By using Rogue, penetration testers can easily perform targeted evil tw...

7.3AI score
Exploits0References1
Rows per page
Query Builder