CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CloudBees Jenkins WildFly Deployer Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . WildFly Deployer Plugin is used in which an...

CNVD•added 2019/10/14 12:0 a.m.•0 views

CloudBees Jenkins OctopusDeploy Plugin Trust Management Issue Vulnerability

8.8CVSS6.8AI score0.01365EPSS

CloudBees Jenkins aws-device-farm Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . aws-device-farm Plugin is used in one of t...

8.8CVSS6.8AI score0.01365EPSS

CloudBees Jenkins Audit to Database Plugin Trust Management Issue Vulnerability

8.8CVSS6.9AI score0.01377EPSS

CloudBees Jenkins CloudShare Docker-Machine Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. The product is mainly used to monitor continuous software version release/testing projects and some timed tasks.CloudShare Docker-Machine Plugin is used in one of the plugin for building and...

CNVD•added 2019/10/14 12:0 a.m.•4 views

CloudBees Jenkins FTP publisher Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some timed tasks . FTP publisher Plugin is used in one of...

CNVD•added 2019/10/14 12:0 a.m.•3 views

CloudBees Jenkins VS Team Services Continuous Deployment Plugin Trust Management Issue Vulnerability

Symantec•added 2019/10/08 12:0 a.m.•31 views

Siemens SIMATIC IT UADM CVE-2019-13929 Hardcoded Cryptographic Key Vulnerability

Description Siemens SIMATIC IT UADM is prone to a hard-coded cryptographic key vulnerability. An attacker can exploit this issue to gain unauthorized access to the vulnerable device and perform unauthorized actions. Versions prior to SIMATIC IT UADM 1.3 are vulnerable. Technologies Affected Sieme...

1.2AI score0.01273EPSS

Exploits0References1Affected Software1

ICS•added 2019/10/08 12:0 a.m.•157 views

GE Mark VIe Controller

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: GE Equipment: Mark VIe Controller Vulnerabilities: Improper Authorization, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create...

8.8CVSS8.8AI score0.0096EPSS

Exploits0References5

ICS•added 2019/10/08 12:0 a.m.•72 views

ICSA-19-281-04 Siemens SIMATIC IT UADM

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC IT Unified Architecture Discrete Manufacturing UADM Vulnerability: Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability...

6.5CVSS6.9AI score0.01273EPSS

Exploits0References9

CNVD•added 2019/10/08 12:0 a.m.•2 views

Broadcom CA Network Flow Analysis Default Credentials Vulnerability

Broadcom CA Network Flow Analysis is a network traffic monitoring solution from Broadcom. A security vulnerability exists in Broadcom CA Network Flow Analysis versions 9.x and 10.0.x. The vulnerability arises from a lack of an effective trust management mechanism in a network system or product. T...

9.8CVSS6.8AI score0.03443EPSS

OSV•added 2019/09/30 6:15 p.m.•1 views

CVE-2019-13466

Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available...

7.5CVSS7.1AI score

Exploits0References2

NVD•added 2019/09/30 6:15 p.m.•16 views

CVE-2019-13466

7.5CVSS7.6AI score0.00661EPSS

Exploits0References2

CVE•added 2019/09/30 5:52 p.m.•72 views

CVE-2019-13466

Concretely affected: Western Digital SSD Dashboard and SanDisk SSD Dashboard prior to version 2.5.1.0. Vulnerability: Incorrect access control where the generate reports archive is protected with a hard-coded password. Root cause: insufficient access restrictions for archive generation. Impact: p...

7.5CVSS7.5AI score0.00661EPSS

Exploits0References2Affected Software2

Cvelist•added 2019/09/30 5:52 p.m.•22 views

CVE-2019-13466

7.6AI score0.00661EPSS

Exploits0References2

CVE•added 2019/09/30 3:40 p.m.•52 views

CVE-2019-2294

CVE-2019-2294 relates to a vulnerability in Qualcomm Snapdragon components where a hard-coded magic number is used to calculate heap guard bytes. This can allow an attacker to corrupt heap blocks without understanding the heap’s algorithm, affecting a wide range of Snapdragon-based products (Auto...

10CVSS9.3AI score0.00907EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/09/30 3:40 p.m.•19 views

CVE-2019-2294

Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...

9.4AI score0.00907EPSS

NVD•added 2019/09/23 4:15 p.m.•16 views

CVE-2019-10990

Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to access configuration files...

6.5CVSS6.7AI score0.0133EPSS

OSV•added 2019/09/23 4:15 p.m.•4 views

CVE-2019-10990

6.5CVSS6.6AI score0.0133EPSS