26 matches found
EUVD-2022-3190
Malicious code in bioql PyPI...
EUVD-2022-4477
Malicious code in bioql PyPI...
CVE-2019-10471
A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2019-10473
A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...
CVE-2019-10472
A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
Jenkins Libvirt Slaves Plugin vlnerable to Credential Enumeration
A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...
GHSA-M295-M3X4-3MMC Jenkins Libvirt Slaves Plugin vlnerable to Cross-Site Request Forgery
A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CloudBees Jenkins Libvirt Slaves Plugin Cross-Site Request Forgery Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Libvirt Slaves Plugin is used in one of the plug-in for controlling guest domains...
CloudBees Jenkins Libvirt Slaves Plugin Cross-Site Request Pseudo-Vulnerability (CNVD-2019-38512)
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Libvirt Slaves Plugin is used in one of the plug-in for controlling guest domains...
CloudBees Jenkins Libvirt Slaves Plugin Enumeration Credentials Vulnerability
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Libvirt Slaves Plugin is used in one of the plug-in for controlling guest domains...
CVE-2019-10472
A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2019-10471
A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2019-10471
A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2019-10473
A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...
CVE-2019-10473
A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
Design/Logic Flaw
A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2019-10472
A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2019-10472
The CVE-2019-10472 involves Jenkins Libvirt Slaves Plugin where a missing permission check allows attackers with Overall/Read to initiate SSH connections to an attacker-controlled server using attacker-controlled credentials IDs, potentially capturing credentials stored in Jenkins. The connected ...
CVE-2019-10473
A vulnerability in the Jenkins Libvirt Slaves Plugin (credential enumeration) arises from a missing permission check in form-related methods. Affected component(s): Libvirt Slaves Plugin, form-related credential handling. Root cause: insufficient access control allows users with Overall/Read to e...