Acronis Snap Deploy 安全漏洞

Acronis Snap Deploy, an Acronis platform for bulk deployment of system images, is vulnerable to an elevation of privilege vulnerability that stems from assigning too many privileges to child processes, which could be exploited by an attacker to cause a local elevation of privilege...

Acronis Snap Deploy 代码问题漏洞

Acronis Snap Deploy is an Acronis platform for bulk deployment of system images. Acronis Snap Deploy is vulnerable to a DLL hijacking vulnerability, which originates when a process attempts to load a DLL without specifying the absolute path to the DLL, and can be exploited by an attacker to cause...

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +2007 more potentially affected by CVE-2017-17383 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.9)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =55.v51410e712e0c, =1.0, =0.0.1, =0.1.1, =0.1.0, =1.0, =0.9, =0.45 and more Source cves: CVE-2017-17383 Source advisory: OSV:GHSA-X3RC-CXV7-6XP6...

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +2157 more potentially affected by CVE-2010-3700 via org.acegisecurity:acegi-security (>=1.0.0 <=1.0.7)

org.acegisecurity:acegi-security MAVEN version =1.0.0, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.1, =0.1.0, =1.0, =1.17.3 and more Source cves: CVE-2010-3700 Source advisory: OSV:GHSA-3295-H9QX-R82X...

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1573 more potentially affected by CVE-2018-1000997 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.13)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1000997 Source advisory: OSV:GHSA-5HFP-964W-5VGM...

GHSA-3Q6P-R6RR-266X Jenkins Deploy to container Plugin stored plain text passwords in job configuration

The Deploy to container Plugin stored passwords unencrypted as part of its configuration. This allowed users with Jenkins master local file system access, or users with Extended Read access to the jobs it is used in, to retrieve those passwords. The Deploy to container Plugin now integrates with...

Jenkins Deploy to container Plugin stored plain text passwords in job configuration

The Deploy to container Plugin stored passwords unencrypted as part of its configuration. This allowed users with Jenkins master local file system access, or users with Extended Read access to the jobs it is used in, to retrieve those passwords. The Deploy to container Plugin now integrates with...

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1573 more potentially affected by CVE-2018-1000863 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.13)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1000863 Source advisory: OSV:GHSA-4JHM-5F7G-75FP...

Jenkins Octopus Deploy Plugin stores credentials in plain text

Jenkins Octopus Deploy Plugin stores credentials unencrypted in its global configuration file hudson.plugins.octopusdeploy.OctopusDeployPlugin.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

GHSA-R798-QX7R-V3GW Jenkins Octopus Deploy Plugin stores credentials in plain text

Jenkins Octopus Deploy Plugin stores credentials unencrypted in its global configuration file hudson.plugins.octopusdeploy.OctopusDeployPlugin.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

GHSA-RWRX-HRF2-V577 Jenkins Serena SRA Deploy Plugin stores credentials in plain text

Jenkins Serena SRA Deploy Plugin stores credentials unencrypted in its global configuration file com.urbancode.ds.jenkins.plugins.serenarapublisher.UrbanDeployPublisher.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

Jenkins Serena SRA Deploy Plugin stores credentials in plain text

Jenkins Serena SRA Deploy Plugin stores credentials unencrypted in its global configuration file com.urbancode.ds.jenkins.plugins.serenarapublisher.UrbanDeployPublisher.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1572 more potentially affected by CVE-2018-1999004 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.12)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1999004 Source advisory: OSV:GHSA-WMR8-25FF-GGPJ...

CVE-2022-30695

Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy Windows before build 3640...

CVE-2022-30697

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy Windows before build 3640...

CVE-2022-30696

Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy Windows before build 3640...

IBM UrbanCode Deploy Encryption Issue Vulnerability (CNVD-2022-63372)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM Corporation in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology to automate the deployment of complex applications in...

CVE-2021-39082

IBM UrbanCode Deploy UCD 7.1.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

Information disclosure

IBM UrbanCode Deploy UCD 7.1.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2021-39082

IBM UrbanCode Deploy UCD 7.1.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...