6 matches found
CVE-2023-47112
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list of job names and...
CVE-2024-46896 drm/amdgpu: don't access invalid sched
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: don't access invalid sched. Since 2320c9e6a768 "drm/sched: memset 'job' in drm_sched_job_init" accessing job->base.sched can produce unexpected results as the initialisation of job->base.sched done in amdgpu_job_alloc is...
CVE-2023-47112 Authenticated users can view job names and groups they do not have authorization to view in Rundeck
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list of job names and...
PT-2023-30739 · Rundeck · Rundeck
Name of the Vulnerable Software and Affected Versions: Rundeck versions 4.12.0 through 4.16.0 Description: The issue allows authenticated users to access certain URL paths without necessary authorization checks, potentially enabling them to view or delete jobs. The affected URLs are:...
CVE-2018-1000416
A reflected cross-site scripting vulnerability exists in Jenkins Job Config History Plugin 2.18 and earlier in all Jelly files that shows arbitrary attacker-specified HTML in Jenkins to users with Job/Configure access...
EMC Documentum Content Server Privilege Gain Vulnerability
EMC Documentum Content Server is a content management service system from EMC. The system is mainly used to manage the Documentum content repository and can create, modify and track documents, among other operations. A security vulnerability exists in EMC Documentum Content Server versions 7.1 and 7.2, whi...