CloudBees Jenkins Cross-Site Request Forgery Vulnerability (CNVD-2020-10430)

CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Amazon EC2 Plugin is used in which an EC2 connection agen...

CVE-2019-10391

Jenkins IBM Application Security on Cloud Plugin 1.2.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure...

CVE-2019-10391

Jenkins IBM Application Security on Cloud Plugin 1.2.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure...

Code injection

Jenkins IBM Application Security on Cloud Plugin 1.2.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure...

CVE-2019-10391

The CVE-2019-10391 entry concerns the Jenkins IBM Application Security on Cloud Plugin (versions 1.2.4 and earlier). The root cause is that configured passwords were transmitted in plain text as part of job configuration forms, creating a potential exposure of sensitive credentials. Public disclo...

PT-2019-11785 · Ibm +1 · Jenkins Ibm Application Security On Cloud Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins IBM Application Security on Cloud Plugin versions 1.2.4 and earlier Description: The issue is related to the transmission of configured passwords in plain text as part of job configuration forms, potentially resulting in their exposur...

CVE-2019-10364

Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of private keys to the Jenkins system log...

CVE-2019-10291

Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...

CloudBees Jenkins Openstack Cloud Plugin Information Disclosure Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. that are used to monitor order repetitive work.Openstack Cloud Plugin is a plugin for creating Openstack cloud instances using one of the ... CloudBees Jenkins An information...

Design/Logic Flaw

A exposure of sensitive information vulnerability exists in Jenkins Openstack Cloud Plugin 2.35 and earlier in BootSource.java, InstancesToRun.java, JCloudsCleanupThread.java, JCloudsCloud.java, JCloudsComputer.java, JCloudsPreCreationThread.java, JCloudsRetentionStrategy.java, JCloudsSlave.java,...

CVE-2018-1000603

A exposure of sensitive information vulnerability exists in Jenkins Openstack Cloud Plugin 2.35 and earlier in BootSource.java, InstancesToRun.java, JCloudsCleanupThread.java, JCloudsCloud.java, JCloudsComputer.java, JCloudsPreCreationThread.java, JCloudsRetentionStrategy.java, JCloudsSlave.java,...

CVE-2018-1000603

A exposure of sensitive information vulnerability exists in Jenkins Openstack Cloud Plugin 2.35 and earlier in BootSource.java, InstancesToRun.java, JCloudsCleanupThread.java, JCloudsCloud.java, JCloudsComputer.java, JCloudsPreCreationThread.java, JCloudsRetentionStrategy.java, JCloudsSlave.java,...

CVE-2018-1000603

Summary (CVE-2018-1000603): Affected product: Jenkins Openstack Cloud Plugin (versions 2.35 and earlier). The vulnerability arises in multiple OpenStack-related classes (e.g., BootSource.java, OpenstackCredentials.java, SlaveOptions.java, etc.) and allows attackers with Overall/Read access to Jen...

Foxit Reader < 7.1 Cloud Plugin Windows Search Path Vulnerability

Foxit Reader Cloud Plugin is prone to a windows search path vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Design/Logic Flaw

Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder...

CVE-2015-2789

Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder...

KLA10517 Privilege escalation in Foxit Reader

Search path vulnerability was found in Foxit Reader Cloud plugin. By exploiting this vulnerability malicious users gain privileges. This vulnerability can be exploited locally via files manipulation. Original advisories Foxit bulletins Exploitation Public exploits exist for this vulnerability...

WordPress SCORM Cloud Plugin <= 1.0.6.6 - SQL Injection

Sermon Browser plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the plugin...