Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-2398

Malicious code in bioql PyPI...

8.2CVSS6.4AI score0.06762EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2023/06/05 11:46 a.m.6 views

curl: TELNET option IAC injection

A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...

9.8CVSS7.5AI score0.01993EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2022/05/13 1:48 a.m.40 views

Improper Limitation of a Pathname to a Restricted Directory in Jenkins

A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into...

8.2CVSS5.2AI score0.06762EPSS
Exploits1References8Affected Software1
RedhatCVE
RedhatCVE
added 2020/04/04 5:19 a.m.33 views

CVE-2018-1000863

A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into...

8.2CVSS5.3AI score0.06762EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2019/01/10 9:4 a.m.5 views

jenkins: forced migration of user records (SECURITY-1072)

A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into...

8.2CVSS5.8AI score0.06762EPSS
Exploits1References4
OSV
OSV
added 2017/08/23 2:29 p.m.2 views

CVE-2017-12844

Cross-site scripting XSS vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name...

4.8CVSS5.9AI score0.00784EPSS
Exploits1References1
Rows per page
Query Builder