Lucene search
K

128 matches found

Chainguard
Chainguard
added 2023/02/17 2:0 p.m.194 views

GHSA-VVPX-J8F3-3W6H vulnerabilities

Vulnerabilities for packages: wireguard-go, grpcurl, go, kubeflow, dynamic-localpv-provisioner-fips, terraform-provider-sendgrid-fips, gke-gcloud-auth-plugin, kube-state-metrics, hey, kubeflow-fips, k3d, dynamic-localpv-provisioner, falco, restic, terraform-provider-sendgrid...

5.9AI score
Exploits0
Veracode
Veracode
added 2022/11/19 12:47 a.m.83 views

Information Disclosure

rh-mysql80-mysql is vulnerable to information disclosure. The vulnerability exists in the Server: PAM Auth Plugin component, allowing attackers to modify the critical data or all MySQL Server accessible data through the multiple protocols...

4.9CVSS5.8AI score0.00866EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2022/11/16 12:0 p.m.29 views

GHSA-WCJJ-QM5V-J4PC Jenkins Reverse Proxy Auth Plugin vulnerable due to plaintext storage of passwords

Jenkins Reverse Proxy Auth Plugin versions 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

6.5CVSS6.6AI score0.00649EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/11/16 12:0 p.m.38 views

Jenkins Reverse Proxy Auth Plugin vulnerable due to plaintext storage of passwords

Jenkins Reverse Proxy Auth Plugin versions 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

6.5CVSS6.7AI score0.00649EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/11/15 8:15 p.m.27 views

CVE-2022-45384

Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

6.5CVSS0.00649EPSS
Exploits0References2
OSV
OSV
added 2022/11/15 8:15 p.m.19 views

CVE-2022-45384

Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

6.5CVSS6.5AI score
Exploits0References2
Cvelist
Cvelist
added 2022/11/15 12:0 a.m.33 views

CVE-2022-45384

Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

7AI score0.00649EPSS
Exploits0References2
CVE
CVE
added 2022/11/15 12:0 a.m.271 views

CVE-2022-45384

CVE-2022-45384 affects the Jenkins Reverse Proxy Auth Plugin. Versions 1.7.3 and earlier store the LDAP manager password unencrypted in the Jenkins controller’s global config.xml, enabling access by anyone with filesystem access to the controller. The vulnerability is triggered by plaintext stora...

6.5CVSS6.6AI score0.00649EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/15 12:0 a.m.6 views

PT-2022-27486 · Jenkins · Jenkins Reverse Proxy Auth Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Reverse Proxy Auth Plugin versions 1.7.3 and earlier Description: The issue allows attackers with access to the Jenkins controller file system to view the LDAP manager password, which is stored unencrypted in the global config.xml fil...

6.5CVSS6.2AI score0.00649EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2022/11/15 12:0 a.m.12 views

CVE-2022-45384

Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...

6.8AI score0.00649EPSS
Exploits0References2
Veracode
Veracode
added 2022/11/10 12:30 a.m.38 views

Information Disclosure

rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: PAM Auth Plugin component, allowing an attacker to access critical data or complete access to all MySQL Server accessible data...

5.9CVSS6.1AI score0.02023EPSS
Exploits0References7Affected Software1
RedHat Linux
RedHat Linux
added 2022/10/25 9:10 a.m.11 views

mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server...

5.9CVSS7.3AI score0.02023EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/09/20 1:42 p.m.5 views

mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Jul 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS7.3AI score0.00866EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/07/21 12:0 a.m.105 views

FreeBSD : MySQL -- Multiple vulnerabilities (8e150606-08c9-11ed-856e-d4c9ef517024)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 8e150606-08c9-11ed-856e-d4c9ef517024 advisory. - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the inp...

10CVSS7.1AI score0.83223EPSS
Exploits7References29
NVD
NVD
added 2022/07/19 10:15 p.m.31 views

CVE-2022-21455

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS0.00866EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/07/19 10:15 p.m.41 views

CVE-2022-21455

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.6AI score0.00866EPSS
Exploits0References2
OSV
OSV
added 2022/07/19 10:15 p.m.8 views

UBUNTU-CVE-2022-21455

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.5AI score0.00866EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2022/07/19 9:6 p.m.36 views

CVE-2022-21455

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS5.1AI score0.00866EPSS
Exploits0
CVE
CVE
added 2022/07/19 9:6 p.m.345 views

CVE-2022-21455

CVE-2022-21455 affects Oracle MySQL Server PAM Auth Plugin in MySQL 8.0.28 and earlier. The vulnerability enables a high-privilege attacker with network access (via multiple protocols) to compromise MySQL Server, potentially allowing unauthorized creation, deletion, or modification of critical da...

4.9CVSS4.7AI score0.00866EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/19 12:0 a.m.11 views

PT-2022-3730 · Oracle +6 · Mysql Server +5

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.28 and prior Description: The issue is related to insufficient input validation in the Server: PAM Auth Plugin component of MySQL Server, allowing a high-privileged attacker with network access via multiple protocols...

10CVSS7AI score0.87816EPSS
Exploits22References725
Rows per page
Query Builder