8698 matches found

OSV
added 2019/07/31 1:15 p.m., 14 views

CVE-2019-10362

Jenkins Configuration as Code Plugin 1.24 and earlier did not escape values resulting in variable interpolation during configuration import when exporting, allowing attackers with permission to change Jenkins system configuration to obtain the values of environment variables...

CVSS 5.4, AI score 6.7
Exploits: 0, References: 2

Positive Technologies
added 2019/07/31 12:0 a.m., 6 views

PT-2019-11744 · Jenkins · Jenkins Configuration As Code Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Configuration as Code Plugin versions 1.20 and earlier; Jenkins Configuration as Code Plugin versions prior to 1.25. Description: The issue concerns the handling of the proxy password in the Jenkins Configuration as Code Plugin...

CVSS 5.5, AI score 5.5, EPSS 0.0033
Exploits: 0, References: 7

Positive Technologies
added 2019/07/31 12:0 a.m., 4 views

PT-2019-11758 · Jenkins · Jenkins Configuration As Code Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Configuration as Code Plugin versions 1.24 and earlier. Description: The issue allows attackers with permission to change Jenkins system configuration to obtain the values of environment variables due to variable interpolation during...

CVSS 5.5, AI score 5.3, EPSS 0.00737
Exploits: 0, References: 6

OSV
added 2019/07/30 5:15 p.m., 2 views

UBUNTU-CVE-2018-16871

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to...

CVSS 7.5, AI score 6.9, EPSS 0.02779
Exploits: 0, References: 3

OSV
added 2019/07/29 4:15 p.m., 2 views

UBUNTU-CVE-2019-11200

Dolibarr ERP/CRM 9.0.1 provides a web-based functionality that backs up the database content to a dump file. However, the application performs insufficient checks on the export parameters to mysqldump, which can lead to execution of arbitrary binaries on the server. Malicious binaries can be...

CVSS 8.8, AI score 7.5, EPSS 0.02101
Exploits: 1, References: 3

OSV
added 2019/07/23 11:15 p.m., 3 views

CVE-2019-2833

Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications. The supported version that is affected is 18.2.1. Easily exploitable vulnerability allows low privileged attacker having Import/Export privilege with network access via HTTP to compromise Oracle...

CVSS 7.7, AI score 7.1, EPSS 0.01321
Exploits: 0, References: 1

Openbugbounty
added 2019/07/22 3:9 p.m., 12 views

uniglassplus.com Cross Site Scripting vulnerability

Security Researcher metamorfosec (helped patch 1914 vulnerabilities, received 9 Coordinated Disclosure badges, received 31 recommendations), a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting uniglassplus.com website and its users. Following...

AI score 6.4
Exploits: 0

NVD
added 2019/07/18 12:15 p.m., 25 views

CVE-2016-10762

The CampTix Event Ticketing plugin before 1.5 for WordPress allows CSV injection when the export tool is used...

CVSS 7.5, AI score 7.8, EPSS 0.01798
Exploits: 1, References: 2

Cvelist
added 2019/07/18 11:22 a.m., 19 views

CVE-2016-10762

The CampTix Event Ticketing plugin before 1.5 for WordPress allows CSV injection when the export tool is used...

AI score 7.8, EPSS 0.01798
Exploits: 1, References: 2

Kitploit
added 2019/07/17 9:42 p.m., 234 views

Shellsum - A Defense Tool - Detect Web Shells In Local Directories Via Md5Sum

A defense tool - detect web shells in local directories via md5sum. Features: fast speed, lightweight, big database, tabled output. Usages: Install: git clone https://github.com/ManhNho/shellsum.git; chmod 755 -R shellsum/; cd shellsum/; pip install -r requirements.txt. Run: python shellsum.py. ToDo: Smooth...

AI score 7.2
Exploits: 0, References: 2

Openbugbounty
added 2019/07/17 2:41 p.m., 13 views

www2.cmovieshd.bz Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-899416. Security Researcher geeknik (helped patch 8696 vulnerabilities, received 8 Coordinated Disclosure badges, received 20 recommendations), a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting www2.cmovieshd.bz website a...

AI score 0.1
Exploits: 0

OSV
added 2019/07/17 2:15 p.m., 3 views

CVE-2019-4054

IBM QRadar SIEM 7.2 and 7.3 could allow a local user to obtain sensitive information when exporting content that could aid an attacker in further attacks against the system. IBM X-Force ID: 156563...

CVSS 3.3, AI score 5.8, EPSS 0.00334
Exploits: 0, References: 2

Positive Technologies
added 2019/07/17 12:0 a.m., 6 views

PT-2019-16866 · IBM · IBM QRadar SIEM

Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM versions 7.2 through 7.3. Description: A local user could obtain sensitive information when exporting content, which could aid an attacker in further attacks against the system. Recommendations: For versions 7.2 and 7.3, update...

CVSS 4, AI score 3.8, EPSS 0.00334
Exploits: 0, References: 3

IBM Security Bulletins
added 2019/07/11 1:5 p.m., 21 views

Security Bulletin: Path Traversal exposure in the Save/Export function of the FTM OAC

Summary: The "Save/Export" function available on all search result displays tabulated results is potentially vulnerable to a Path Traversal type attack. Vulnerability Details: CVEID: CVE-2018-1847. DESCRIPTION: IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) could allow a remote attacker...

CVSS 6.5, AI score 2.2, EPSS 0.0205
Exploits: 0, Affected Software: 1

OpenVAS
added 2019/07/11 12:0 a.m., 19 views

TYPO3 9.3.x <= 9.5.7 Broken Access Control Vulnerability

TYPO3 CMS is susceptible to a broken access control vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:typo3:typo3"; ...

AI score 7.2
Exploits: 0, References: 1

IBM Security Bulletins
added 2019/07/10 3:40 p.m., 21 views

Security Bulletin: IBM QRadar SIEM is vulnerable to an Information exposure (CVE-2019-4054)

Summary: IBM QRadar SIEM could disclose potentially sensitive information about users during content export. Vulnerability Details: CVEID: CVE-2019-4054. Description: IBM QRadar could allow a local user to obtain sensitive information when exporting content that could aid an attacker in further...

CVSS 4, AI score 1.6, EPSS 0.00334
Exploits: 0, Affected Software: 1

Openbugbounty
added 2019/07/10 7:3 a.m., 8 views

brusselsjazzweekend.be Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-885239. Security Researcher Renzi (helped patch 6742 vulnerabilities, received 8 Coordinated Disclosure badges, received 36 recommendations), a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting brusselsjazzweekend.be websit...

AI score 0.2
Exploits: 0

OSV
added 2019/07/09 4:15 p.m., 3 views

CVE-2019-11019

Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08 allows anyone to remotely access all claim details by visiting easily guessable exportpdf/allclaimdetail.php?claimid= URLs...

CVSS 7.5, AI score 7.1, EPSS 0.01477
Exploits: 0, References: 2

NVD
added 2019/07/03 7:15 p.m., 13 views

CVE-2018-14861

Improper data access control in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows authenticated users to perform a CSV export of the secure hashed passwords of other users...

CVSS 6.5, AI score 6.4, EPSS 0.0097
Exploits: 0, References: 1

OSV
added 2019/07/03 7:15 p.m., 3 views

CVE-2018-14861

Improper data access control in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows authenticated users to perform a CSV export of the secure hashed passwords of other users...

CVSS 6.5, AI score 5.8, EPSS 0.0097
Exploits: 0, References: 1