Lucene search
K

3662 matches found

OpenVAS
OpenVAS
added 2022/07/09 12:0 a.m.14 views

Fedora: Security Advisory for matrix-synapse (FEDORA-2022-45bf6d4b88)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.5AI score0.01578EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/07/09 12:0 a.m.21 views

Fedora: Security Advisory for matrix-synapse (FEDORA-2022-1a2312e4d6)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.5AI score0.01578EPSS
Exploits0References2
Fedora
Fedora
added 2022/07/08 1:37 a.m.30 views

[SECURITY] Fedora 35 Update: matrix-synapse-1.61.1-1.fc35

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

6.5CVSS6.4AI score0.01578EPSS
Exploits0
Fedora
Fedora
added 2022/07/08 1:17 a.m.33 views

[SECURITY] Fedora 36 Update: matrix-synapse-1.61.1-1.fc36

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

6.5CVSS6.4AI score0.01578EPSS
Exploits0
CNVD
CNVD
added 2022/07/04 12:0 a.m.30 views

Jenkins Matrix Reloaded Plugin Cross-Site Request Forgery Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins Matrix Reloaded Plugin version 1.1...

6.5CVSS2.8AI score0.00497EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/07/01 12:1 a.m.34 views

Jenkins Matrix Reloaded Plugin vulnerable to Stored XSS

Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...

5.4CVSS4.9AI score0.00567EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/07/01 12:1 a.m.20 views

Jenkins Matrix Reloaded Plugin vulnerable to CSRF

Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to rebuild previous matrix builds...

6.5CVSS6.2AI score0.00497EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/07/01 12:1 a.m.15 views

GHSA-4V5C-5V6C-37PJ Jenkins Matrix Reloaded Plugin vulnerable to CSRF

Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to rebuild previous matrix builds...

6.5CVSS6.7AI score0.00497EPSS
Exploits0References3
OSV
OSV
added 2022/07/01 12:1 a.m.19 views

GHSA-2463-7265-H8R4 Jenkins Matrix Reloaded Plugin vulnerable to Stored XSS

Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...

7.1CVSS5.4AI score0.00567EPSS
Exploits0References3
NVD
NVD
added 2022/06/30 6:15 p.m.23 views

CVE-2022-34789

A cross-site request forgery CSRF vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds...

6.5CVSS0.00497EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/30 6:15 p.m.3 views

CVE-2022-34789

A cross-site request forgery CSRF vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds...

6.5CVSS5.8AI score0.00497EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/06/30 6:15 p.m.2 views

CVE-2022-34788

Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...

5.4CVSS5.8AI score0.00567EPSS
Exploits0References2
NVD
NVD
added 2022/06/30 6:15 p.m.22 views

CVE-2022-34788

Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...

5.4CVSS0.00567EPSS
Exploits0References1
OSV
OSV
added 2022/06/30 6:15 p.m.3 views

CVE-2022-34789

A cross-site request forgery CSRF vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds...

6.5CVSS5.7AI score0.00497EPSS
Exploits0References1
OSV
OSV
added 2022/06/30 6:15 p.m.5 views

CVE-2022-34788

Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...

5.4CVSS5.7AI score0.00567EPSS
Exploits0References1
Prion
Prion
added 2022/06/30 6:15 p.m.13 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds...

4.3CVSS6.4AI score0.00497EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/06/30 6:15 p.m.18 views

Cross site scripting

Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...

3.5CVSS5.3AI score0.00567EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/30 5:47 p.m.20 views

CVE-2022-34789

A cross-site request forgery CSRF vulnerability in Jenkins Matrix Reloaded Plugin 1.1.3 and earlier allows attackers to rebuild previous matrix builds...

7AI score0.00497EPSS
Exploits0References1
CVE
CVE
added 2022/06/30 5:47 p.m.273 views

CVE-2022-34789

CVE-2022-34789 concerns Jenkins Matrix Reloaded Plugin (versions ≤ 1.1.3). A CSRF flaw arises because the plugin’s HTTP endpoint does not require POST requests, enabling attackers to rebuild previous matrix builds. Public sources corroborate the issue and its impact; no explicit patch/version wit...

6.5CVSS6.7AI score0.00497EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/30 5:46 p.m.20 views

CVE-2022-34788

Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...

5.7AI score0.00567EPSS
Exploits0References1
Rows per page
Query Builder