704 matches found
CVE-2024-53913
CVE-2024-53913 affects Veritas Enterprise Vault before 15.2. The underlying issue is deserialization of untrusted data received on a .NET Remoting TCP port in EVStgOfflineOpns, allowing remote code execution. Exploitation requires network access and, per ZDI, authentication is needed to exploit. ...
RHSA-2013:1370 Red Hat Security Advisory: jboss-remoting security update
Bulletin has no description...
RHSA-2013:1369 Red Hat Security Advisory: jboss-remoting security update
Bulletin has no description...
RHSA-2010:0964 Red Hat Security Advisory: jboss-remoting security update
Bulletin has no description...
BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure', 'Description' = %q This module exploits a...
jenkins: Arbitrary file read vulnerability through agent connections can lead to RCE
A vulnerability was found in the Remoting library in Jenkins core, which handles communication between the Jenkins controller and agents. The ClassLoaderProxyfetchJar function may allow malicious agents or attackers with Agent/Connect permission to read arbitrary files from the Jenkins controller...
jenkins: Arbitrary file read vulnerability through agent connections can lead to RCE
A vulnerability was found in the Remoting library in Jenkins core, which handles communication between the Jenkins controller and agents. The ClassLoaderProxyfetchJar function may allow malicious agents or attackers with Agent/Connect permission to read arbitrary files from the Jenkins controller...
jenkins: Arbitrary file read vulnerability through agent connections can lead to RCE
A vulnerability was found in the Remoting library in Jenkins core, which handles communication between the Jenkins controller and agents. The ClassLoaderProxyfetchJar function may allow malicious agents or attackers with Agent/Connect permission to read arbitrary files from the Jenkins controller...
jenkins: Arbitrary file read vulnerability through agent connections can lead to RCE
A vulnerability was found in the Remoting library in Jenkins core, which handles communication between the Jenkins controller and agents. The ClassLoaderProxyfetchJar function may allow malicious agents or attackers with Agent/Connect permission to read arbitrary files from the Jenkins controller...
The vulnerability of the Jenkins Automation Remoting server library allows for the execution of arbitrary code.
The vulnerability of the Jenkins Automation Remoting server library is related to deficiencies in path name restrictions for restricted access catalogs. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading class and resource files from the controller via...
BIT-JENKINS-2024-43044
Jenkins LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the ClassLoaderProxyfetchJar method in the Remoting library...
CVE-2024-43044
A vulnerability was found in the Remoting library in Jenkins core, which handles communication between the Jenkins controller and agents. The ClassLoaderProxyfetchJar function may allow malicious agents or attackers with Agent/Connect permission to read arbitrary files from the Jenkins controller...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1705 more potentially affected by CVE-2024-43044 via org.jenkins-ci.main:remoting (>=1.396 <=3206.vb_15dcf73f6a_9)
org.jenkins-ci.main:remoting MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.1, =0.1.0, =1.0, =0.9, =1.3, =1.23 and more Source cves: CVE-2024-43044 Source advisory: OSV:GHSA-H856-FFVV-XVR4...
GHSA-H856-FFVV-XVR4 Jenkins Remoting library arbitrary file read vulnerability
Jenkins uses the Remoting library typically agent.jar or remoting.jar for the communication between controller and agents. This library allows agents to load classes and classloader resources from the controller, so that Java objects sent from the controller build steps, etc. can be executed on...
Jenkins Remoting library arbitrary file read vulnerability
Jenkins uses the Remoting library typically agent.jar or remoting.jar for the communication between controller and agents. This library allows agents to load classes and classloader resources from the controller, so that Java objects sent from the controller build steps, etc. can be executed on...
CVE-2024-43044
Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the ClassLoaderProxyfetchJar method in the Remoting library...
CVE-2024-43044
Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the ClassLoaderProxyfetchJar method in the Remoting library...
CVE-2024-43044
Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the ClassLoaderProxyfetchJar method in the Remoting library...
CVE-2024-43044
Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the ClassLoaderProxyfetchJar method in the Remoting library...
Jenkins 安全漏洞
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins 2.470 and earlier and Jenkins LTS 2.452.3 and earlier, which stems from a...