Lucene search
K

594 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.27 views

RHEL 7 : Red Hat CloudForms (RHSA-2018:1972)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1972 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual...

9.8CVSS8.6AI score0.27065EPSS
Exploits10References134
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.27 views

RHEL 7 : Red Hat CloudForms (RHSA-2017:3005)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3005 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual...

9CVSS8.2AI score0.87544EPSS
Exploits10References165
Tenable Nessus
Tenable Nessus
added 2024/04/24 12:0 a.m.27 views

RHEL 7 : CloudForms 4.6.2 update (Important) (RHSA-2018:1328)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1328 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual...

9.8CVSS8.6AI score0.27065EPSS
Exploits10References281
Openbugbounty
Openbugbounty
added 2024/03/22 5:50 a.m.6 views

towerhamletsarts.org.uk Cross Site Scripting vulnerability OBB-3883854

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/03/08 1:47 p.m.7 views

tower-racing.pl Cross Site Scripting vulnerability OBB-3867940

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Github Security Blog
Github Security Blog
added 2024/03/06 6:30 p.m.43 views

Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

5.3CVSS6.8AI score0.00417EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2024/03/06 6:30 p.m.19 views

Jenkins Delphix Plugin has improper SSL/TLS certificate validation

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...

4.2CVSS6.8AI score0.00337EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/03/06 6:30 p.m.12 views

GHSA-PFH3-J79R-VQRJ Jenkins Delphix Plugin has improper SSL/TLS certificate validation

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...

4.2CVSS4.5AI score0.00337EPSS
Exploits0References5
NVD
NVD
added 2024/03/06 5:15 p.m.34 views

CVE-2024-28162

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...

4.2CVSS5.7AI score0.00337EPSS
Exploits0References2
NVD
NVD
added 2024/03/06 5:15 p.m.46 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

5.3CVSS5.7AI score0.00417EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 5:15 p.m.7 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

5.3CVSS6.6AI score
Exploits0References2
OSV
OSV
added 2024/03/06 5:15 p.m.9 views

CVE-2024-28162

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...

4.2CVSS6.6AI score
Exploits0References2
Prion
Prion
added 2024/03/06 5:15 p.m.30 views

Input validation

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...

6.6AI score0.00337EPSS
Exploits0References1
Prion
Prion
added 2024/03/06 5:15 p.m.34 views

Default credentials

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

6.6AI score0.00417EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/06 5:2 p.m.15 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

6.7AI score0.00417EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/06 5:2 p.m.39 views

CVE-2024-28162

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 both inclusive a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation...

6.6AI score0.00337EPSS
Exploits0References2
CVE
CVE
added 2024/03/06 5:2 p.m.88 views

CVE-2024-28161

CVE-2024-28161 (Jenkins Delphix Plugin 3.0.1) : The issue is a misconfiguration where a global option to enable/disable SSL/TLS certificate validation for Data Control Tower (DCT) connections is disabled by default. This creates a potential for connections to proceed without proper certificate va...

5.3CVSS6.5AI score0.00417EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/03/06 5:2 p.m.34 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

6.6AI score0.00417EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/06 12:0 a.m.9 views

PT-2024-22307 · Jenkins · Jenkins Delphix Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Delphix Plugin version 3.0.1 Description: The issue concerns a global option in the Jenkins Delphix Plugin that allows administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections. This...

5.3CVSS6.5AI score0.00417EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2023/11/25 6:56 p.m.35 views

Exploit for Files or Directories Accessible to External Parties in Redhat Ansible_Tower

CVE-2021-20253: Privilege Escalation via Job Isolation Escape...

6.7CVSS7.4AI score0.00411EPSS
Exploits1
Rows per page
Query Builder