Lucene search
+L

21 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2019-13990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. CVE-2019-13990...

9.8CVSS6.7AI score0.162EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.27 views

RHEL 8 : RHV Manager (ovirt-engine) 4.4 (RHSA-2020:3247)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3247 advisory. The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to...

9.8CVSS7.3AI score0.99019EPSS
Exploits17References253
Rosalinux
Rosalinux
added 2023/10/22 6:16 a.m.61 views

Advisory ROSA-SA-2023-2272

software: quartz 2.2.1 OS: ROSA-CHROME packageevrstring: quartz-2.2.1-11.src.rpm CVE-ID: CVE-2019-13990 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler before version 2.3.0 allows XXE attacks via job description...

9.8CVSS6.8AI score0.162EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.41 views

Atlassian JIRA Service Desk < 4.20.26 / 5.4.x < 5.4.10 / 5.5.x < 5.7.2 / 5.8.x < 5.8.2 / 5.9.x < 5.9.2 / 5.10.x < 5.10.1 (JSDSERVER-14401)

The version of Atlassian JIRA Service Desk Server running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-14401 advisory. - XXE XML External Entity Injection in Jira Service Management Data Center and Server - CVE-2019-13990 CVE-2019-13990 Note that Nessus has not...

9.8CVSS7.2AI score0.162EPSS
Exploits0References2
Atlassian
Atlassian
added 2023/09/20 3:53 p.m.46 views

XXE (XML External Entity Injection) in Jira Service Management Data Center and Server - CVE-2019-13990

h2. Summary of Vulnerability Certain versions of Jira Service Management Server & Data Center were affected by CVE-2019-13990. The affected versions contained vulnerable versions of Terracotta Quartz Scheduler which allowed authenticated attackers to initiate an XML External Entity injection atta...

9.8CVSS9.1AI score0.162EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2021-0133)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.162EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/10/26 12:0 a.m.47 views

Oracle WebCenter Sites Multiple Vulnerabilities (Oct 2021 CPU)

Oracle WebCenter Sites component of Oracle Fusion Middleware is affected by multiple vulnerabilities. - Component: WebCenter Sites Terracotta Quartz Scheduler. The supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker...

9.8CVSS6.9AI score0.77735EPSS
Exploits2References8
NCSC
NCSC
added 2021/01/21 12:0 a.m.7 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed multiple vulnerabilities in Oracle Enterprise Manager. The vulnerabilities allow an unauthenticated remote malicious party potentially able to launch attacks leading to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Access to...

9.8CVSS7.6AI score0.9986EPSS
Exploits10
RedHat Linux
RedHat Linux
added 2020/12/16 12:11 p.m.179 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update

A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

9.8CVSS8AI score0.95586EPSS
Exploits12References39
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/29 8:57 a.m.37 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Terracotta Quartz Scheduler

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Terracotta Quartz Scheduler. Vulnerability Details CVEID: CVE-2019-13990 DESCRIPTION: Terracotta could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external enti...

9.8CVSS1.6AI score0.162EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/29 6:21 a.m.96 views

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.8.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS7.5AI score0.87806EPSS
Exploits11References35
RedHat Linux
RedHat Linux
added 2020/07/29 6:6 a.m.100 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.8.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7.4AI score0.87806EPSS
Exploits10References34
vulnersOsv
vulnersOsv
added 2020/07/01 5:55 p.m.5 views

ai.databand.azkaban:az-core (=3.90.0), ai.databand.azkaban:azkaban-common (=3.18.0) +3310 more potentially affected by CVE-2019-13990 via org.quartz-scheduler:quartz (>=1.7.2 <=2.3.1)

org.quartz-scheduler:quartz MAVEN version =1.7.2, =0.5.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =1.0.0, =1.3.0 and more Source cves: CVE-2019-13990 Source advisory: OSV:GHSA-9QCF-C26R-X5RF...

9.8CVSS6.8AI score0.162EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/12 8:12 p.m.36 views

Security Bulletin: Quartz vulnerability affects IBM Spectrum Protect Plus (CVE-2019-13990)

Summary A security vulnerability in Quartz which could allow a remote attacker to obtain sensitive information affects IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-13990 DESCRIPTION: Terracotta could allow a remote attacker to obtain sensitive information, caused by improper...

9.8CVSS2.2AI score0.162EPSS
Exploits0Affected Software1
OSV
OSV
added 2020/04/16 6:32 a.m.12 views

SUSE-SU-2020:1009-1 Security update for quartz

This update for quartz fixes the following issues: - CVE-2019-13990: Fixed XML External Entity attack in initDocumentParser bsc1143227...

9.8CVSS9.5AI score0.162EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/04/15 12:0 a.m.50 views

Oracle Primavera Unifier (Apr 2020 CPU)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the CPUApr2020 advisory. - initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows X...

9.8CVSS7.1AI score0.162EPSS
Exploits1References5
OSV
OSV
added 2020/04/14 8:31 a.m.9 views

SUSE-SU-2020:0984-1 Security update for quartz

This update for quartz fixes the following issues: - CVE-2019-13990: Fixed XML External Entity attack in initDocumentParser bsc1143227...

9.8CVSS9.5AI score0.162EPSS
Exploits0References3
OSV
OSV
added 2019/07/26 7:15 p.m.38 views

CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

9.8CVSS6.6AI score0.162EPSS
Exploits0References17
Vulnrichment
Vulnrichment
added 2019/07/26 12:0 a.m.29 views

CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description...

6.6AI score0.162EPSS
Exploits0References17
CVE
CVE
added 2019/07/26 12:0 a.m.586 views

CVE-2019-13990

CVE-2019-13990 affects Terracotta Quartz Scheduler within Atlassian Jira Service Management Data Center/Server and related Oracle Fusion Middleware deployments, via XXE in the Terracotta Quartz Scheduler component when parsing a job description. The root cause is an XML External Entity condition ...

9.8CVSS9AI score0.162EPSS
Exploits0References17Affected Software1
Rows per page
Query Builder