Lucene search
+L

367 matches found

Positive Technologies
Positive Technologies
added 2023/03/28 12:0 a.m.9 views

PT-2023-20274 · Veracode · Veracode Azure Devops Extension +2

Name of the Vulnerable Software and Affected Versions: Veracode Scan Jenkins Plugin versions prior to 23.3.19.0 Veracode Azure DevOps Extension versions prior to 3.20.0 Description: A credential-leak issue was discovered in related Veracode products. The Veracode Scan Jenkins Plugin, when...

5.5CVSS5.3AI score0.00206EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/03/28 12:0 a.m.6 views

Jenkins Plugin Veracode Scan 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.5CVSS5.8AI score0.00206EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/28 12:0 a.m.5 views

Jenkins Plugin Veracode Scan 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

6.5CVSS6.5AI score0.00647EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/03/28 12:0 a.m.10 views

CVE-2023-25721

Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users with access to view the job log to...

6.5AI score0.00647EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/28 12:0 a.m.38 views

CVE-2023-25722

A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...

5.8AI score0.00206EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/28 12:0 a.m.10 views

PT-2023-20273 · Veracode · Veracode Scan Jenkins Plugin

Name of the Vulnerable Software and Affected Versions: Veracode Scan Jenkins Plugin versions prior to 23.3.19.0 Description: The issue allows users with access to view the job log to discover proxy credentials under specific configurations. This includes when the "Connect using proxy" option is...

6.5CVSS5.6AI score0.00647EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/03/28 12:0 a.m.40 views

CVE-2023-25721

Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users with access to view the job log to...

6.6AI score0.00647EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/28 12:0 a.m.6 views

CVE-2023-25722

A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...

5.5AI score0.00206EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.5 views

SUSE CVE-2003-1605

curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server...

7.5CVSS7.1AI score0.01915EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:44 a.m.5 views

SUSE CVE-2017-9271

The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used...

4CVSS7AI score0.00337EPSS
Exploits0References112
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.2 views

SUSE CVE-2020-8225

A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away information about used proxies and their authentication credentials...

7.5CVSS7.6AI score0.0091EPSS
Exploits0References3
NVD
NVD
added 2022/09/29 4:15 p.m.23 views

CVE-2022-39168

IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs. IBM X-Force ID: 235422...

7.5CVSS0.00739EPSS
Exploits0References2
OSV
OSV
added 2022/09/29 4:15 p.m.5 views

CVE-2022-39168

IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs. IBM X-Force ID: 235422...

7.5CVSS5.8AI score0.00739EPSS
Exploits0References2
Prion
Prion
added 2022/09/29 4:15 p.m.21 views

Code injection

IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs. IBM X-Force ID: 235422...

5CVSS7.2AI score0.00739EPSS
Exploits0References2Affected Software3
Vulnrichment
Vulnrichment
added 2022/09/29 3:40 p.m.7 views

CVE-2022-39168

IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs. IBM X-Force ID: 235422...

4.6CVSS7.2AI score0.00739EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/29 3:40 p.m.28 views

CVE-2022-39168

IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs. IBM X-Force ID: 235422...

4.6CVSS7.3AI score0.00739EPSS
Exploits0References2
OSV
OSV
added 2022/07/29 10:26 p.m.2 views

GHSA-9X8M-2XPF-CRP3 Scrapy before 2.6.2 and 1.8.3 vulnerable to one proxy sending credentials to another

Impact When the built-in HTTP proxy downloader middleware processes a request with proxy metadata, and that proxy metadata includes proxy credentials, the built-in HTTP proxy downloader middleware sets the Proxy-Authentication header, but only if that header is not already set. There are...

5.9AI score
Exploits0References3
OSV
OSV
added 2022/05/24 10:1 p.m.61 views

GHSA-442G-GCG6-MHM4 Play Framework Inadequate Encryption Strength vulnerability

An issue was discovered in Lightbend Play Framework 2.5.x through 2.6.23. When configured to make requests using an authenticated HTTP proxy, play-ws may sometimes, typically under high load, when connecting to a target host using https, expose the proxy credentials to the target host...

7.5CVSS5.9AI score0.00698EPSS
Exploits0References3
OSV
OSV
added 2021/01/13 10:15 p.m.2 views

CVE-2021-1126

A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center FMC could allow an authenticated, local attacker to view credentials for a configured proxy server. The vulnerability is due to clear-text storage and weak permissions of related configuration files. A...

5.5CVSS6.1AI score0.00259EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/13 12:0 a.m.8 views

Cisco Firepower Management Center 信息泄露漏洞

Cisco Firepower Management Center is the nerve center for managing Cisco network security solutions, improving the effectiveness of Cisco network security solutions by providing centralized, integrated, and simplified management. An information disclosure vulnerability exists in the storage of...

5.5CVSS6AI score0.00259EPSS
Exploits0References4
Rows per page
Query Builder