Lucene search
K

5470 matches found

Positive Technologies
Positive Technologies
added 2025/03/05 12:0 a.m.6 views

PT-2025-9860 · Jenkins +1 · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.499 and earlier, LTS versions 2.492.1 and earlier Description: The issue allows attackers with View/Read permission to view encrypted values of secrets when accessing config.xml of views via REST API or CLI. This occurs...

4.3CVSS4.7AI score0.00298EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2025/03/05 12:0 a.m.3 views

PT-2025-9859 · Jenkins +1 · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.499 and earlier Jenkins LTS versions 2.492.1 and earlier Description: The issue allows attackers with Agent/Extended Read permission to view encrypted values of secrets when accessing config.xml of agents via REST API or CL...

4.3CVSS4.7AI score0.00684EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-0171

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel b...

5.5CVSS6.3AI score0.00288EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2021-3981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read...

3.3CVSS5.2AI score0.00311EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-28842

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream...

6.8CVSS6.9AI score0.0144EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-28841

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream...

6.8CVSS6.8AI score0.00696EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-35791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SVM: Flush pages under kvm-lock to fix UAF in svmregisterencregion Do the cache flush of converted pages in svmregisterencregion before dropping kvm-lock t...

7.8CVSS6.6AI score0.00238EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-4155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a doubl...

5.6CVSS6.6AI score0.00158EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.14 views

Jenkins LTS < 2.492.2 / Jenkins weekly < 2.500 Multiple Vulnerabilities

According to its its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.492.2 or Jenkins weekly prior to 2.500. It is, therefore, affected by multiple vulnerabilities: - Medium Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not...

5.4CVSS6.1AI score0.00684EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2025/03/05 12:0 a.m.22 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description Medium SECURITY-3495 / CVE-2025-27622 Encrypted values of secrets stored in agent configuration revealed to users with Agent/Extended Read permission Description Medium SECURITY-3496 / CVE-2025-27623 Encrypted values of secrets stored in view configuration...

5.4CVSS6.9AI score0.00684EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2020-1740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes ansible-vault edit, another user on the same...

4.7CVSS6.7AI score0.00374EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2010-0015

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries...

7.5CVSS5.4AI score0.03067EPSS
Exploits0References2
Veracode
Veracode
added 2025/02/26 8:54 a.m.4 views

Bit Flipping Attack

cookie-encrypter is vulnerable to Bit flipping Attack. The vulnerability is due to the lack of integrity verification, allowing attackers to modify encrypted cookies without detection...

9.1CVSS6.7AI score0.00274EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/02/26 7:1 a.m.2 views

DEBIAN-CVE-2022-49361

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel 1, which can be reproduced. The bug message is: The kernel message is shown below: kernel BUG at fs/inode.c:611! Call Trace:...

5.5CVSS5.3AI score0.0024EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.2 views

DEBIAN-CVE-2022-49290

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix potential double free on mesh join While commit 6a01afcf8468 "mac80211: mesh: Free ie data when leaving mesh" fixed a memory leak on mesh leave / teardown it introduced a potential memory corruption caused by a doub...

7.8CVSS5.6AI score0.00227EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.4 views

UBUNTU-CVE-2022-49361

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel 1, which can be reproduced. The bug message is: The kernel message is shown below: kernel BUG at fs/inode.c:611! Call Trace:...

5.5CVSS5.8AI score0.0024EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/02/26 12:0 a.m.5 views

PT-2025-8739 · Esri · Esri Arcgis Monitor

Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Monitor versions 2023.0 through 2024.x Description: The issue is a SQL injection problem that allows a remote, authenticated attacker with low privileges to improperly read limited database schema information by passing crafted...

4.3CVSS7.4AI score0.0037EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.6 views

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the use of strictly encrypted accounting data. This allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the use of rigidly encrypted account data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized acces...

9CVSS5.5AI score0.00335EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.7 views

The vulnerability of Tenda W18E router microprogramming software, related to the use of strictly encrypted account data, allows a intruder to gain unauthorized access to the control console with administrator privileges.

The vulnerability of Tenda W18E router microprogramming software is related to the use of strictly encrypted account data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the control console with administrator privileges...

8.8CVSS5.5AI score0.00554EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.6 views

The vulnerability of Tenda W18E router microprogramming software, related to the use of strictly encrypted login data, allows a intruder to gain unauthorized access to the control console.

The vulnerability of Tenda W18E router microprogramming software is related to the use of strictly encrypted account data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the control console with administrator privileges...

8.8CVSS5.5AI score0.00511EPSS
Exploits1References3
Rows per page
Query Builder