24 matches found
CVE-2026-9129 Path Traversal in Altium Enterprise Server Viewer StorageController Allows Arbitrary File Read
A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters. On on-premise deployments that use local filesystem storage, a regular authenticated user can supply a URL-encoded absolute path such as an encode...
PT-2026-42246
A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters. On on-premise deployments that use local filesystem storage, a regular authenticated user can supply a URL-encoded absolute path such as an encode...
CVE-2024-23333
LDAP Account Manager (LAM) is a web frontend for managing entries stored in an LDAP directory. LAM's log configuration allows specifying arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and causing LAM to log some PHP code to this file. When th...
DEBIAN-CVE-2024-23333
LDAP Account Manager (LAM) is a web frontend for managing entries stored in an LDAP directory. LAM's log configuration allows specifying arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and causing LAM to log some PHP code to this file. When th...
CVE-2024-23333 LAM vulnerable to Authenticated Remote Code Execution
LDAP Account Manager (LAM) is a web frontend for managing entries stored in an LDAP directory. LAM's log configuration allows specifying arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and causing LAM to log some PHP code to this file. When th...
CVE-2024-23333 LAM vulnerable to Authenticated Remote Code Execution
LDAP Account Manager (LAM) is a web frontend for managing entries stored in an LDAP directory. LAM's log configuration allows specifying arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and causing LAM to log some PHP code to this file. When th...
SUSE CVE-2017-8109
The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients)...
SUSE CVE-2019-16543
Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
PT-2020-15434 · Jenkins · Jenkins HP ALM Quality Center Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins HP ALM Quality Center Plugin versions 1.6 and earlier Description: The issue concerns the storage of a password in plain text in the global configuration file, specifically in...
PT-2020-15427 · Jenkins · Jenkins GitHub Coverage Reporter Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins GitHub Coverage Reporter Plugin versions 1.8 and earlier Jenkins GitHub Coverage Reporter Plugin versions 1.10 and earlier Description: The issue concerns the storage of secrets in plain text in the global configuration file on the...
Unspecified Vulnerability in CloudBees Jenkins Eagle Tester Plugin
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools developed by the US company CloudBees. The product is mainly used to monitor continuous software release and testing projects and to run scheduled tasks. A security vulnerability exis...
PT-2020-15336 · Jenkins · Jenkins BMC Release Package/Deployment Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins BMC Release Package and Deployment Plugin versions 1.1 and earlier Description: The issue allows credentials to be stored unencrypted in the global configuration file on the Jenkins master. This can be viewed by users with access to t...
PT-2020-15338 · Jenkins · Jenkins Eagle Tester Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Eagle Tester Plugin versions 1.0.9 and earlier Description: The issue concerns the storage of a password in an unencrypted form in the global configuration file on the Jenkins master. This allows users with access to the master file...
PT-2019-11847 · Jenkins · Jenkins Delphix Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Delphix Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file of the Jenkins master. This allows users with access to the master...
PT-2019-11823 · Jenkins · Jenkins GitLab Logo Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins GitLab Logo Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file of the Jenkins master. This allows users with access to the...
CVE-2019-10298
Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003097
Jenkins Crowd Integration Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003063
Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003060
Jenkins Official OWASP ZAP Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2019-1003062
Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...