39 matches found
RICOH ジョブログ集計/分析ソフトウェア 代码问题漏洞
RICOH Job Log Aggregation/Analysis Software is a tool developed by the Japanese RICOH company for aggregating job logs. Versions of RICOH Job Log Aggregation/Analysis Software prior to version 1.3.7 contained code vulnerabilities. These vulnerabilities were caused by issues with the DLL search...
EUVD-2020-5600
Malware in sbrugna...
EUVD-2025-25439
Malicious code in bioql PyPI...
EUVD-2023-2867
Malicious code in bioql PyPI...
EUVD-2023-0977
Malicious code in bioql PyPI...
EUVD-2022-42675
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-3279
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an...
CVE-2025-9263
A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is the function getJobsByGroup of the file /src/main/java/com/xxl/job/admin/controller/JobLogController.java. Such manipulation of the argument jobGroup leads to improper control of resource identifiers...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the getJobsByGroup function of the file /src/main/java/com/xxl/job/admin/controller/JobLogController.java when handling the jobGroup argument. An attacker can gain unauthorized access ...
CVE-2025-9263
A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is the function getJobsByGroup of the file /src/main/java/com/xxl/job/admin/controller/JobLogController.java. Such manipulation of the argument jobGroup leads to improper control of resource identifiers...
PT-2025-34168 · Xuxueli · Xxl-Job
Name of the Vulnerable Software and Affected Versions: Xuxueli xxl-job versions up to 3.1.1 Description: A vulnerability exists in the getJobsByGroup function located in the /src/main/java/com/xxl/job/admin/controller/JobLogController.java file. Manipulation of the jobGroup argument results in...
CVE-2022-3279
An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to prevent access to job logs...
CVE-2025-28406
CVE-2025-28406 affects RUoYi v4.8.0. A remote attacker can escalate privileges via the experimental-like parameter jobLogId in RUoYi, leading to full/total impact as indicated by CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8, CRITICAL). Connected sources note this is a privilege-...
CVE-2020-13340
An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log...
GitLab 12.4 < 13.2.10 / 13.3 < 13.3.7 / 13.4 < 13.4.2 (CVE-2020-13340)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log CVE-2020-13340 Note that Nessus has not tested for this issue but has instea...
BIT-GITLAB-2020-13340
An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log...
XXL-JOB Security Vulnerability
XXL-JOB is a distributed task scheduling platform based on the java language from the Xu Xue Li XXL-JOB community. A security vulnerability exists in XXL-JOB xxl-job-admin version 2.4.0, which stems from a cross-site scripting XSS vulnerability in component /xxl-job-admin/joblog/logDetailPage...
CVE-2023-25721
Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users with access to view the job log to...
PT-2022-26790 · Xxl-Job · Xxl-Job
Name of the Vulnerable Software and Affected Versions: XXL-Job versions prior to 2.3.1 Description: The issue is related to a Server-Side Request Forgery SSRF in the component /admin/controller/JobLogController.java. This allows for potential exploitation. Recommendations: For versions prior to...
XXL-JOB 代码问题漏洞
XXL-JOB is a distributed task scheduling platform based on the java language from the Xu Xueli XXL-JOB community.A security vulnerability exists in versions prior to XXL-JOB v2.3.1, which stems from a vulnerability found via the component /admin/controller/JobLogController.java containing...