Lucene search
K

7 matches found

OSV
OSV
added 2026/01/29 12:45 a.m.3 views

CGA-CFG4-2GC2-9PGM

Bulletin has no description...

7.8CVSS5.8AI score0.01843EPSS
Exploits0
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.4 views

iccDEV 输入验证错误漏洞

iccDEV is an open source color configuration code base from the International Color Consortium. An input validation error vulnerability exists in versions of iccDEV prior to 2.3.1.2 that stems from the presence of an undefined behavior runtime error...

7.1CVSS6.9AI score0.00172EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:25 a.m.17 views

CVE-2019-10345

Jenkins Configuration as Code Plugin 1.20 and earlier did not treat the proxy password as a secret to be masked when logging or encrypted for export...

5.5CVSS7AI score0.0033EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2024/10/28 7:44 p.m.20 views

Duende IdentityServer has insufficient validation of DPoP cnf claim in Local APIs

Impact IdentityServer's local API authentication handler performs insufficient validation of the cnf claim in DPoP access tokens. This allows an attacker to use leaked DPoP access tokens at local api endpoints even without possessing the private key for signing proof tokens. Note that this only...

3.1CVSS7.2AI score0.0032EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/24 4:51 p.m.33 views

Missing Authorization in Jenkins Configuration as Code Plugin

Missing permission checks in Jenkins Configuration as Code Plugin 1.24 and earlier in various HTTP endpoints allowed users with Overall/Read access to access the generated schema and documentation for this plugin containing detailed information about installed plugins...

4.3CVSS2.2AI score0.00691EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2019/09/25 12:0 a.m.4 views

vBulletin Remote Command Execution Vulnerability (CNVD-2019-42750)

vBulletin is the United States InternetBrands and vBulletinSolutions, Inc. of a PHP and MySQL-based open source Web forum program . A remote command execution vulnerability exists in vBulletin versions 5.x through 5.5.4, which can be exploited by an attacker to execute commands with the help of t...

9.8CVSS9.5AI score0.99728EPSS
Exploits27References1
Cvelist
Cvelist
added 2019/07/31 12:45 p.m.32 views

CVE-2019-10343

Jenkins Configuration as Code Plugin 1.24 and earlier did not properly apply masking to values expected to be hidden when logging the configuration being applied...

4.1AI score0.00368EPSS
Exploits0References2
Rows per page
Query Builder