Lucene search
K

7 matches found

NVD
NVD
added 2023/07/26 2:15 p.m.26 views

CVE-2023-39154

Incorrect permission checks in Jenkins Qualys Web App Scanning Connector Plugin 2.0.10 and earlier allow attackers with global Item/Configure permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored i...

6.5CVSS6.6AI score0.00483EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/11/16 12:0 p.m.27 views

Incorrect permission checks in Jenkins Support Core Plugin

Support Core Plugin defines the permission Support/DownloadBundle that allows users without Overall/Administer permission to create and download support bundles containing a limited set of diagnostic information. Support Core Plugin 1206.v14049fabd860 and earlier does not correctly perform...

6.5CVSS6.4AI score0.00649EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2021/06/30 3:15 p.m.17 views

CVE-2021-35970

Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other sensitive information via GraphQL because permission checks use an incorrect data type...

7.5CVSS0.02312EPSS
Exploits1References4
NVD
NVD
added 2014/01/15 4:8 p.m.15 views

CVE-2014-0368

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims...

5CVSS4.5AI score0.03807EPSS
Exploits0References32
Prion
Prion
added 2014/01/15 4:8 p.m.23 views

Design/Logic Flaw

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims...

5CVSS5.9AI score0.03807EPSS
Exploits0References32Affected Software2
Cvelist
Cvelist
added 2014/01/15 1:33 a.m.21 views

CVE-2014-0368

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims...

4.6AI score0.03807EPSS
Exploits0References32
Tenable Nessus
Tenable Nessus
added 2012/05/01 12:0 a.m.22 views

FreeBSD : samba -- incorrect permission checks vulnerability (0fa15e08-92ec-11e1-a94a-00215c6a37bb)

The Samba project reports : Samba versions 3.4.x to 3.6.4 inclusive are affected by a vulnerability that allows arbitrary users to modify privileges on a file server. Security checks were incorrectly applied to the Local Security Authority LSA remote proceedure calls RPC CreateAccount, OpenAccoun...

6.5CVSS8.1AI score0.04803EPSS
Exploits0References2
Rows per page
Query Builder