Lucene search
K

66 matches found

RedHat Linux
RedHat Linux
added 2021/01/18 4:4 p.m.3 views

jenkins-2-plugins/subversion: XML parser is not preventing XML external entity (XXE) attacks

A flaw was found in the subversion Jenkins plugin. The XML parser is not properly configured to prevent XML external entity XXE attacks allowing an attacker the ability to control an agent process and have Jenkins parse a crafted changelog file that uses external entities for extraction of secret...

6.5CVSS7.1AI score0.01478EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/11/09 1:59 p.m.21 views

CVE-2020-2304

A flaw was found in the subversion Jenkins plugin. The XML parser is not properly configured to prevent XML external entity XXE attacks allowing an attacker the ability to control an agent process and have Jenkins parse a crafted changelog file that uses external entities for extraction of secret...

6.5CVSS1.8AI score0.01478EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2020/11/04 12:0 a.m.6 views

PT-2020-15549 · Jenkins · Jenkins Visualworks Store Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Visualworks Store Plugin versions 1.1.3 and earlier Description: The issue allows attackers with the ability to control the output of a script that runs Visualworks with StoreCI, or able to control an agent process, to have Jenkins...

6.5CVSS6.3AI score0.01076EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2019/11/20 4:14 p.m.4 views

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...

4.7CVSS6.7AI score0.03418EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2019/11/20 4:8 p.m.4 views

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...

4.7CVSS6.7AI score0.03418EPSS
Exploits4References6
exploitpack
exploitpack
added 2010/06/24 12:0 a.m.13 views

NO-IP.com Dynamic DNS Update Client 2.2.1 - Request Insecure Encoding Algorithm

NO-IP.com Dynamic DNS Update Client 2.2.1 - Request Insecure Encoding Algorithm !/usr/bin/python """ |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// //...

0.4AI score
Exploits0
Rows per page
Query Builder