Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

29 matches found

The Hacker News
The Hacker Newsadded 2023/12/18 2:31 p.m.46 views

Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges

The developers of the information stealer malware known as Rhadamanthys are actively iterating on its features, broadening its information-gathering capabilities and also incorporating a plugin system to make it more customizable. This approach not only transforms it into a threat capable of...

8AI score
Exploits0
OSV
OSVadded 2023/06/01 2:15 a.m.0 views

CVE-2023-28937

DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and...

8.8CVSS5.8AI score
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2023/05/31 6:34 a.m.2 views

DataSpider Servista uses a hard-coded cryptographic key

Overview DataSpider Servista provided by SAISON INFORMATION SYSTEMS CO.,LTD. is a data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and ScriptRunner for Amazo...

8.8CVSS6.8AI score0.0052EPSS
Exploits0References11
CNVD
CNVDadded 2020/11/09 12:0 a.m.2 views

CloudBees Jenkins SQLPlus Script Runner Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An information disclosure...

6.5CVSS6.7AI score0.00183EPSS
Exploits0References1
NVD
NVDadded 2020/11/04 3:15 p.m.9 views

CVE-2020-2312

Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not mask a password provided as command line argument in build logs...

6.5CVSS6.7AI score0.00183EPSS
Exploits0References1
OSV
OSVadded 2020/11/04 3:15 p.m.8 views

CVE-2020-2312

Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not mask a password provided as command line argument in build logs...

6.5CVSS7AI score
Exploits0References1
CVE
CVEadded 2020/11/04 2:35 p.m.48 views

CVE-2020-2312

CVE-2020-2312 concerns Jenkins SQLPlus Script Runner Plugin (versions 2.0.12 and earlier). The issue arises because the plugin prints the sqlplus command invocation to build logs without masking the password provided as a command line argument, enabling users with Item/Read permission to view the...

6.5CVSS6.6AI score0.00183EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2020/11/04 2:35 p.m.8 views

CVE-2020-2312

Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not mask a password provided as command line argument in build logs...

6.6AI score0.00183EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2020/11/04 12:0 a.m.2 views

PT-2020-15542 · Jenkins · Jenkins Sqlplus Script Runner Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins SQLPlus Script Runner Plugin versions 2.0.12 and earlier Description: The issue concerns the Jenkins SQLPlus Script Runner Plugin, where a password provided as a command line argument is not masked in build logs. This allows users wit...

6.5CVSS6.4AI score0.00183EPSS
Exploits0References6
Rows per page
Query Builder