Lucene search
K

23 matches found

NVD
NVD
added 2025/01/22 5:15 p.m.17 views

CVE-2025-24397

An incorrect permission check in Jenkins GitLab Plugin 1.9.6 and earlier allows attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate credential IDs of GitLab API token and Secret text credentials stored in Jenkins...

4.3CVSS0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/22 5:2 p.m.24 views

CVE-2025-24397

An incorrect permission check in Jenkins GitLab Plugin 1.9.6 and earlier allows attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate credential IDs of GitLab API token and Secret text credentials stored in Jenkins...

0.00288EPSS
Exploits0References1
NVD
NVD
added 2023/09/08 9:15 a.m.21 views

CVE-2023-4777

An incorrect permission check in Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier allows attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate credentials IDs of credentials stored in Jenkins and to connect to an...

4.3CVSS4AI score0.00317EPSS
Exploits0References1
NVD
NVD
added 2022/11/15 8:15 p.m.32 views

CVE-2022-45383

An incorrect permission check in Jenkins Support Core Plugin 1206.v14049fabd860 and earlier allows attackers with Support/DownloadBundle permission to download a previously created support bundle containing information limited to users with Overall/Administer permission...

6.5CVSS0.00649EPSS
Exploits0References2
NVD
NVD
added 2022/06/30 6:15 p.m.48 views

CVE-2022-34782

An incorrect permission check in Jenkins requests-plugin Plugin 2.2.16 and earlier allows attackers with Overall/Read permission to view the list of pending requests...

4.3CVSS0.00516EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/29 12:58 a.m.24 views

CVE-2022-29271

In Nagios XI through 5.8.5, a read-only Nagios user due to an incorrect permission check is able to schedule downtime for any host/services. This allows an attacker to permanently disable all monitoring checks...

6.6AI score0.01854EPSS
Exploits0References4
NVD
NVD
added 2021/06/10 3:15 p.m.29 views

CVE-2021-21664

An incorrect permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Generic Create permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored i...

6.5CVSS0.00991EPSS
Exploits0References2
NVD
NVD
added 2021/03/18 2:15 p.m.22 views

CVE-2021-21624

An incorrect permission check in Jenkins Role-based Authorization Strategy Plugin 3.1 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders...

4.3CVSS0.00877EPSS
Exploits0References2
NVD
NVD
added 2021/03/10 5:15 p.m.23 views

CVE-2021-0382

In checkSlicePermission of SliceManagerService.java, there is a possible resource exposure due to an incorrect permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

5.5CVSS0.00114EPSS
Exploits0References1
Prion
Prion
added 2021/03/10 5:15 p.m.20 views

Design/Logic Flaw

In checkSlicePermission of SliceManagerService.java, there is a possible resource exposure due to an incorrect permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

2.1CVSS5.1AI score0.00114EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/01/13 12:0 a.m.36 views

EulerOS Virtualization for ARM 64 3.0.5.0 : xorg-x11-server (EulerOS-SA-2020-1062)

According to the versions of the xorg-x11-server packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An incorrect permission check for -modulepath and -logfile options when starting Xorg X server allows...

7.2CVSS7.1AI score0.2704EPSS
Exploits39References3
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.31 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : gvfs Vulnerability (NS-SA-2019-0238)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has gvfs packages installed that are affected by a vulnerability: - An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users...

7CVSS7.1AI score0.00368EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.29 views

EulerOS 2.0 SP5 : gvfs (EulerOS-SA-2019-2156)

According to the version of the gvfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileg...

7CVSS7.1AI score0.00368EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.44 views

EulerOS 2.0 SP8 : xorg-x11-server (EulerOS-SA-2019-2123)

According to the version of the xorg-x11-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. ...

7.2CVSS7.5AI score0.2704EPSS
Exploits39References2
UbuntuCve
UbuntuCve
added 2019/10/11 7:15 p.m.24 views

CVE-2019-2173

In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS7.1AI score0.00161EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/10/11 6:14 p.m.25 views

CVE-2019-2173

In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8AI score0.00161EPSS
Exploits0References1
OSV
OSV
added 2019/03/25 6:29 p.m.21 views

CVE-2019-3827

An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running unde...

7CVSS7.2AI score0.00368EPSS
Exploits0References4
Cvelist
Cvelist
added 2019/03/25 5:47 p.m.15 views

CVE-2019-3827

An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running unde...

7CVSS7AI score0.00368EPSS
Exploits0References4
0day.today
0day.today
added 2018/12/01 12:0 a.m.42 views

xorg-x11-server < 1.20.3 - modulepath Local Privilege Escalation Exploit

Exploit for openbsd platform in category local exploits !/bin/sh raptorxorgy - xorg-x11-server LPE via modulepath switch Copyright c 2018 Marco Ivaldi A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server...

6.8AI score0.2704EPSS
Exploits40
Exploit DB
Exploit DB
added 2018/11/30 12:0 a.m.70 views

xorg-x11-server &lt; 1.20.3 - &#039;modulepath&#039; Local Privilege Escalation

!/bin/sh raptorxorgy - xorg-x11-server LPE via modulepath switch Copyright c 2018 Marco Ivaldi A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to...

7.2CVSS7.2AI score0.2704EPSS
Exploits39
Rows per page
Query Builder