Lucene search
K

39 matches found

CNNVD
CNNVD
added 2026/02/20 12:0 a.m.8 views

RICOH ジョブログ集計/分析ソフトウェア 代码问题漏洞

RICOH Job Log Aggregation/Analysis Software is a tool developed by the Japanese RICOH company for aggregating job logs. Versions of RICOH Job Log Aggregation/Analysis Software prior to version 1.3.7 contained code vulnerabilities. These vulnerabilities were caused by issues with the DLL search...

8.4CVSS7.3AI score0.0016EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-5600

Malware in sbrugna...

8.7CVSS8.5AI score0.68639EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25439

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00289EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2867

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00362EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-0977

Malicious code in bioql PyPI...

6.5CVSS5.8AI score0.00647EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-42675

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00946EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-3279

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an...

6.5CVSS6.4AI score0.00946EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/22 11:23 p.m.6 views

CVE-2025-9263

A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is the function getJobsByGroup of the file /src/main/java/com/xxl/job/admin/controller/JobLogController.java. Such manipulation of the argument jobGroup leads to improper control of resource identifiers...

5.3CVSS7.3AI score0.00289EPSS
Exploits1References1
Snyk
Snyk
added 2025/08/21 12:30 a.m.7 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the getJobsByGroup function of the file /src/main/java/com/xxl/job/admin/controller/JobLogController.java when handling the jobGroup argument. An attacker can gain unauthorized access ...

5.3CVSS5.8AI score0.00289EPSS
Exploits1References3
NVD
NVD
added 2025/08/20 11:15 p.m.6 views

CVE-2025-9263

A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is the function getJobsByGroup of the file /src/main/java/com/xxl/job/admin/controller/JobLogController.java. Such manipulation of the argument jobGroup leads to improper control of resource identifiers...

5.3CVSS0.00289EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.10 views

PT-2025-34168 · Xuxueli · Xxl-Job

Name of the Vulnerable Software and Affected Versions: Xuxueli xxl-job versions up to 3.1.1 Description: A vulnerability exists in the getJobsByGroup function located in the /src/main/java/com/xxl/job/admin/controller/JobLogController.java file. Manipulation of the jobGroup argument results in...

5.3CVSS4.5AI score0.00289EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/05/22 10:58 p.m.7 views

CVE-2022-3279

An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to prevent access to job logs...

6.5CVSS6.4AI score0.00946EPSS
Exploits0References1
CVE
CVE
added 2025/04/07 12:0 a.m.54 views

CVE-2025-28406

CVE-2025-28406 affects RUoYi v4.8.0. A remote attacker can escalate privileges via the experimental-like parameter jobLogId in RUoYi, leading to full/total impact as indicated by CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8, CRITICAL). Connected sources note this is a privilege-...

9.8CVSS7.4AI score0.00614EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 1:49 p.m.3 views

CVE-2020-13340

An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log...

8.7CVSS5.4AI score0.68639EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.19 views

GitLab 12.4 < 13.2.10 / 13.3 < 13.3.7 / 13.4 < 13.4.2 (CVE-2020-13340)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log CVE-2020-13340 Note that Nessus has not tested for this issue but has instea...

8.7CVSS7.7AI score0.68639EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 11:21 a.m.20 views

BIT-GITLAB-2020-13340

An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2: Stored XSS in CI Job Log...

8.7CVSS8AI score0.68639EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/11/15 12:0 a.m.5 views

XXL-JOB Security Vulnerability

XXL-JOB is a distributed task scheduling platform based on the java language from the Xu Xue Li XXL-JOB community. A security vulnerability exists in XXL-JOB xxl-job-admin version 2.4.0, which stems from a cross-site scripting XSS vulnerability in component /xxl-job-admin/joblog/logDetailPage...

5.4CVSS5.8AI score0.00399EPSS
Exploits1References2
OSV
OSV
added 2023/03/28 8:15 p.m.4 views

CVE-2023-25721

Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users with access to view the job log to...

6.5CVSS5.8AI score0.00647EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/17 12:0 a.m.15 views

PT-2022-26790 · Xxl-Job · Xxl-Job

Name of the Vulnerable Software and Affected Versions: XXL-Job versions prior to 2.3.1 Description: The issue is related to a Server-Side Request Forgery SSRF in the component /admin/controller/JobLogController.java. This allows for potential exploitation. Recommendations: For versions prior to...

8.8CVSS6.9AI score0.01602EPSS
Exploits1References10
CNNVD
CNNVD
added 2022/11/17 12:0 a.m.4 views

XXL-JOB 代码问题漏洞

XXL-JOB is a distributed task scheduling platform based on the java language from the Xu Xueli XXL-JOB community.A security vulnerability exists in versions prior to XXL-JOB v2.3.1, which stems from a vulnerability found via the component /admin/controller/JobLogController.java containing...

8.8CVSS6.8AI score0.01602EPSS
Exploits1References2
Rows per page
Query Builder