243 matches found
CVE-2023-39156
A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...
CVE-2023-39156
A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...
CVE-2023-39156
A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...
CVE-2023-39156
CVE-2023-39156 is a CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier. The issue arises because the plugin does not require POST requests on a specific HTTP endpoint, allowing an attacker to delete previously created Bazaar SCM tags. Impact is limited to the ability to delete tags; no ...
CVE-2023-39156
A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...
Jenkins Bazaar Plugin 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2023-26813 · Jenkins · Jenkins Bazaar Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Bazaar Plugin versions 1.22 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to delete previously created Bazaar SCM tags. This issue arises because the plugin does not require POST requests fo...
bridalbazaar.com Cross Site Scripting vulnerability OBB-3549212
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Bazaar Social Listing Shopping Web PHP Template 2.3.2 Cross Site Scripting
==================================================================================================================================== | Title : Bazaar Social Listing Shopping Web PHP Template v2.3.2 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
Bazaar Social Listing Shopping Web PHP Template 2.3.2 Privilege Escalation
==================================================================================================================================== | Title : Bazaar | Social Listing Shopping Web PHP Template v2.3.2 Privilege Escalation Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.P...
SUSE CVE-2017-9352
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur...
SUSE CVE-2017-14176
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...
SUSE CVE-2018-14368
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long...
The Hunt for the Kingpin Behind AlphaBay, Part 1: The Shadow
AlphaBay was the largest online drug bazaar in history, run by a technological mastermind who seemed untouchable—until his tech was turned against him...
Ubuntu: Security Advisory (USN-3411-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Bazaar allows remote attackers to execute arbitrary commands via a bzr+ssh URL with initial dash character in hostname
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...
GHSA-JJXG-HPM7-G95F Bazaar allows remote attackers to execute arbitrary commands via a bzr+ssh URL with initial dash character in hostname
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...
Digital Bazaar Forge Data Forgery Issue Vulnerability
Digital Bazaar Forge is a native implementation of Tls in Javascript and an open source tool for writing encryption-based and network-intensive Web applications from Digital Bazaar, Inc. digitalbazaar Forge versions prior to 1.3.0 are vulnerable to a data forgery issue that originates from RSA PK...
Digital Bazaar Forge Data Forgery Issue Vulnerability (CNVD-2022-22656)
Digital Bazaar Forge is a native implementation of Tls in Javascript and an open source tool for writing encryption-based and network-intensive Web applications from Digital Bazaar, Inc. A data forgery issue vulnerability exists in versions prior to Digital Bazaar Forge 1.3.0, which originated in...