Insufficiently Protected Credentials

Overview org.jenkins-ci.plugins:ifttt-build-notifier is a Simple Jenkins Build Status Notifier for IFTTT Maker Channel Trigger. Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the storage of sensitive keys in config.xml files. An attacker can gain...

Jenkins IFTTT Build Notifier Plugin vulnerability exposes IFTTT Maker Channel Keys

Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As ...

CVE-2025-53662

Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

Jenkins plugin IFTTT Build Notifier 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. Jenkins plugin A...

PT-2025-28914 · Jenkins · Jenkins Ifttt Build Notifier Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins IFTTT Build Notifier Plugin versions 1.2 and earlier Description: The Jenkins IFTTT Build Notifier Plugin stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller. These keys can be viewed by users...

SUSE CVE-2025-38177

In the Linux kernel, the following vulnerability has been resolved: schhfsc: make hfscqlennotify idempotent hfscqlennotify is not idempotent either and not friendly to its callers, like fqcodeldequeue. Let's make it idempotent to ease qdisctreereducebacklog callers' life: 1. updatevf decreases...

SUSE CVE-2025-38116

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in ath12kcoreinit When the execution of ath12kcorehwgroupassign or ath12kcorehwgroupcreate fails, the registered notifier chain is not unregistered properly. Its memory is freed after rmmod, which may trigge...

CVE-2025-38116

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in ath12kcoreinit When the execution of ath12kcorehwgroupassign or ath12kcorehwgroupcreate fails, the registered notifier chain is not unregistered properly. Its memory is freed after rmmod, which may trigge...

UBUNTU-CVE-2025-38116

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in ath12kcoreinit When the execution of ath12kcorehwgroupassign or ath12kcorehwgroupcreate fails, the registered notifier chain is not unregistered properly. Its memory is freed after rmmod, which may trigge...

UBUNTU-CVE-2025-38150

In the Linux kernel, the following vulnerability has been resolved: afpacket: move notifier's packetdevmc out of rcu critical section Syzkaller reports the following issue: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578 mutexlock+0x106/0xe80...

CVE-2025-38150 af_packet: move notifier's packet_dev_mc out of rcu critical section

In the Linux kernel, the following vulnerability has been resolved: afpacket: move notifier's packetdevmc out of rcu critical section Syzkaller reports the following issue: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578 mutexlock+0x106/0xe80...

CVE-2025-38150

The CVE-2025-38150 entries describe a Linux kernel fix for af_packet where the notifier call path (packet_dev_mc) was moved out of an RCU critical section. The root cause involved a sleeping function being called from an invalid context in a chain of net/packet/af_packet.c and related code paths ...

CVE-2025-38150

In the Linux kernel, the following vulnerability has been resolved: afpacket: move notifier's packetdevmc out of rcu critical section Syzkaller reports the following issue: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578 mutexlock+0x106/0xe80...

CVE-2025-38116 wifi: ath12k: fix uaf in ath12k_core_init()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in ath12kcoreinit When the execution of ath12kcorehwgroupassign or ath12kcorehwgroupcreate fails, the registered notifier chain is not unregistered properly. Its memory is freed after rmmod, which may trigge...

CVE-2025-38116 wifi: ath12k: fix uaf in ath12k_core_init()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in ath12kcoreinit When the execution of ath12kcorehwgroupassign or ath12kcorehwgroupcreate fails, the registered notifier chain is not unregistered properly. Its memory is freed after rmmod, which may trigge...

PT-2025-27702

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free UAF issue was found in the Linux kernel, specifically in the ath12k core init function. This issue occurs when the execution of ath12k core hw group assign or ath12k...

MAL-2025-5560 Malicious code in hardhat-deploy-notifier (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb9d3b8f687f5445ef66903c25ffaee9514d721441a15b7e4c4dfbf58caa7930 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in hardhat-deploy-notifier (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb9d3b8f687f5445ef66903c25ffaee9514d721441a15b7e4c4dfbf58caa7930 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE CVE-2025-38087

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in tapriodevnotifier Since taprio's tapriodevnotifier isn't protected by an RCU read-side critical section, a race with advancesched can lead to a use-after-free. Adding rcureadlock inside...

DEBIAN-CVE-2025-38087

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in tapriodevnotifier Since taprio’s tapriodevnotifier isn’t protected by an RCU read-side critical section, a race with advancesched can lead to a use-after-free. Adding rcureadlock inside...