Lucene search
K

5 matches found

CNNVD
CNNVD
added 2023/03/09 12:0 a.m.10 views

Jenkins 安全漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins version 2.393 and earlier, LTS version 2.375.3 and earlier. An attacker...

4.3CVSS5.8AI score0.00745EPSS
Exploits0References4
OSV
OSV
added 2022/03/14 1:53 p.m.10 views

SUSE-SU-2022:0821-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.7.0 ESR bsc1196900: - CVE-2022-26383: Browser window spoof using fullscreen mode - CVE-2022-26384: iframe allow-scripts sandbox bypass - CVE-2022-26387: Time-of-check time-of-use bug when verifying add-...

9.6CVSS6.6AI score0.00931EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2022/03/14 10:48 a.m.3 views

Mozilla: Temporary files downloaded to /tmp and accessible by other local users

The Mozilla Foundation Security Advisory describes this flaw as: Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in /tmp, but this behavior was changed to download them to /tmp where they could be affected by other local users. This behavior...

6.5CVSS7.3AI score0.0068EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2022/03/14 10:7 a.m.4 views

Mozilla: Temporary files downloaded to /tmp and accessible by other local users

The Mozilla Foundation Security Advisory describes this flaw as: Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in /tmp, but this behavior was changed to download them to /tmp where they could be affected by other local users. This behavior...

6.5CVSS7.3AI score0.0068EPSS
Exploits1References6
OSV
OSV
added 2020/11/12 8:15 p.m.5 views

CVE-2020-13774

An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivanti Endpoint Manager 2019.1 and 2020.1 allows an authenticated attacker to gain remote code execution by uploading a malicious aspx file. The issue is caused by insufficient file extension validation and insecure file operations ...

9.9CVSS7.8AI score0.04747EPSS
Exploits0References1
Rows per page
Query Builder