4game-support-ckeditor5-custom-build (>=0.0.1 <=0.0.5), 87-midnight-ckeditor5 (>=0.0.3 <=0.0.5) +1483 more potentially affected by CVE-2026-28343 via ckeditor5 (>=29.2.0 <=47.6.0-alpha.9)

ckeditor5 NPM version =29.2.0, =0.0.1, =0.0.3, =0.0.1, =0.0.1, =29.2.0, =2.0.0, =30.0.0, =0.7.0, =1.0.0, =0.0.3, =0.0.6, =1.3.0, =1.0.1, =1.0.23 and more Source cves: CVE-2026-28343 Source advisory: OSV:GHSA-JRQM-VMQC-GM93...

EUVD-2024-25303

Malicious code in bioql PyPI...

CVE-2024-28173

In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed...

JetBrains TeamCity Information Disclosure Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. JetBrains TeamCity suffers from an information...

CVE-2024-28173

In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed...

Design/Logic Flaw

In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed...

CVE-2024-28173

In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed...

CVE-2024-28173

CVE-2024-28173 (JetBrains TeamCity) affects TeamCity versions 2023.11 through 2023.11.4, with information disclosure of custom build parameters of type “password” during data transmission. The PT-2024-2108 entry provides concrete details: affected versions are 2023.11–2023.11.4, and mitigation is...

Jenkins plugins Multiple Vulnerabilities (2022-12-07)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Plot Plugin 2.1.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. CVE-2022-46682 - Jenki...

GHSA-5G2C-J6V9-VF94 Jenkins Custom Build Properties Plugin vulnerable to Cross-site Scripting

Jenkins Custom Build Properties Plugin 2.79.vc095ccc85094 and earlier does not escape property values and build display names on the Custom Build Properties and Build Summary pages, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to set or change these...

Jenkins Custom Build Properties Plugin vulnerable to Cross-site Scripting

Jenkins Custom Build Properties Plugin 2.79.vc095ccc85094 and earlier does not escape property values and build display names on the Custom Build Properties and Build Summary pages, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to set or change these...

CVE-2022-46686

Jenkins Custom Build Properties Plugin 2.79.vc095ccc85094 and earlier does not escape property values and build display names on the Custom Build Properties and Build Summary pages, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to set or change these...

CVE-2022-46686

Jenkins Custom Build Properties Plugin 2.79.vc095ccc85094 and earlier does not escape property values and build display names on the Custom Build Properties and Build Summary pages, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to set or change these...

Cross site scripting

Jenkins Custom Build Properties Plugin 2.79.vc095ccc85094 and earlier does not escape property values and build display names on the Custom Build Properties and Build Summary pages, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to set or change these...

CVE-2022-46686

CVE-2022-46686 affects Jenkins Custom Build Properties Plugin versions 2.79.vc095ccc85094 and earlier. Root cause: the plugin fails to escape property values and build display names on the Custom Build Properties and Build Summary pages, leading to a stored XSS vulnerability exploitable when an a...

PT-2022-27950 · Jenkins · Jenkins Custom Build Properties Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Custom Build Properties Plugin versions 2.79.vc095ccc85094 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability due to the plugin not escaping property values and build display names on the...

Jenkins Custom Build Properties Plugin 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site scripting...

com.amazonaws:codedeploy (=1.15), com.aspectsecurity.automationservices.plugins.jenkins:ibm-security-appscansource-scanner (>=1.0.3 <=1.0.5) +332 more potentially affected by CVE-2014-3663 via org.jenkins-ci.main:jenkins-core (>=1.566 <=1.582)

org.jenkins-ci.main:jenkins-core MAVEN version =1.566, =1.0.3, =1.0.0, =2.2.0, =2.0, =8.5.0, =1.2, =1.29, =1.0, =1.0, =1.00, =1.2 and more Source cves: CVE-2014-3663 Source advisory: OSV:GHSA-64MC-2M9P-23C8...

0day RCE in Firefox

This seems like a pretty interesting vulnerability CVE-2019-17026 in Firefox and Thunderbird in Windows, MacOS and Linux. "Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this...