5445 matches found
jenkins -- multiple vulnerabilities
Jenkins Security Advisory: Medium: SECURITY-3495 / CVE-2025-27622: Encrypted values of secrets stored in agent configuration revealed to users with Agent/Extended Read permission. Medium: SECURITY-3496 / CVE-2025-27623: Encrypted values of secrets stored in view configuration...
Linux Distros Unpatched Vulnerability : CVE-2024-35791
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() Do the cache flush of converted pages in svm_register_enc_region() before dropping kvm->lock t...
Linux Distros Unpatched Vulnerability : CVE-2023-28841
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream...
Linux Distros Unpatched Vulnerability : CVE-2023-28842
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream...
Linux Distros Unpatched Vulnerability : CVE-2020-1740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes ansible-vault edit, another user on the same...
Linux Distros Unpatched Vulnerability : CVE-2010-0015
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries...
Bit Flipping Attack
cookie-encrypter is vulnerable to a bit-flipping attack. The vulnerability is due to the lack of integrity verification, allowing attackers to modify encrypted cookies without detection...
DEBIAN-CVE-2022-49361
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel [1], which can be reproduced. The bug message is: The kernel message is shown below: kernel BUG at fs/inode.c:611! Call Trace:...
DEBIAN-CVE-2022-49290
In the Linux kernel, the following vulnerability has been resolved: mac80211: fix potential double free on mesh join While commit 6a01afcf8468 "mac80211: mesh: Free ie data when leaving mesh" fixed a memory leak on mesh leave / teardown it introduced a potential memory corruption caused by a doub...
UBUNTU-CVE-2022-49361
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel [1], which can be reproduced. The bug message is: The kernel message is shown below: kernel BUG at fs/inode.c:611! Call Trace:...
PT-2025-8739 · Esri · Esri Arcgis Monitor
Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Monitor versions 2023.0 through 2024.x Description: The issue is a SQL injection problem that allows a remote, authenticated attacker with low privileges to improperly read limited database schema information by passing crafted...
A vulnerability in the Tenda W18E router firmware, related to the use of hard-coded credentials, allows an intruder to gain unauthorized access to the control console.
A vulnerability in the Tenda W18E router firmware is related to the use of hard-coded credentials. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the control console with administrator privileges...
A vulnerability in the Tenda W18E router firmware, related to the use of hard-coded credentials, allows an intruder to gain unauthorized access to the control console with administrator privileges.
A vulnerability in the Tenda W18E router firmware is related to the use of hard-coded credentials. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the control console with administrator privileges...
A vulnerability in IBM Cognos Controller and IBM Controller, software solutions that support the closing, consolidation, and reporting processes, lies in the use of hard-coded credentials. This allows a malicious individual to gain unauthorized access to protected information.
A vulnerability in IBM Cognos Controller and IBM Controller, software solutions that support the closing, consolidation, and reporting processes, lies in the use of hard-coded credentials. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized acces...
CLSA-2025-1740470330 linux-firmware: Fix of 2 CVEs
Update AMD SEV CPU firmware to address CVE-2023-31356, CVE-2023-20584...
openSUSE Security Advisory (SUSE-SU-2024:0893-1)
The remote host is missing an update for the...
[SECURITY] Fedora 41 Update: openssh-9.9p1-3.fc41
SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
CLSA-2025-1739965377 linux-firmware: Fix of 2 CVEs
Update AMD SEV CPU firmware to address CVE-2023-31356, CVE-2023-20584...
Vulnerabilities fixed in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy
Fortinet has fixed vulnerabilities in several products, including FortiOS, FortiProxy, FortiPAM, FortiSwitchManager, FortiSandbox, FortiManager and FortiAnalyzer. The vulnerabilities include the ability for privileged attackers to execute arbitrary code or commands by sending specially crafted...
CVE-2024-47265
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vector...