23 matches found

RedhatCVE
added 2026/03/26 3:15 p.m. | 1 view

CVE-2026-4564

A security vulnerability has been detected in yangzongzhuan RuoYi up to 4.8.2. This issue affects some unknown processing of the file /monitor/job/ of the component Quartz Job Handler. Such manipulation of the argument invokeTarget leads to code injection. It is possible to launch the attack...

CVSS 5.8 | AI score 5.5 | EPSS 0.0006
Exploits 0 | References 1
EUVD
added 2026/03/23 12:31 a.m. | 4 views

EUVD-2026-14341

A security vulnerability has been detected in yangzongzhuan RuoYi up to 4.8.2. This issue affects some unknown processing of the file /monitor/job/ of the component Quartz Job Handler. Such manipulation of the argument invokeTarget leads to code injection. It is possible to launch the attack...

CVSS 5.8 | AI score 5.5 | EPSS 0.0006
Exploits 0 | References 5
NVD
added 2026/03/23 12:16 a.m. | 2 views

CVE-2026-4564

A security vulnerability has been detected in yangzongzhuan RuoYi up to 4.8.2. This issue affects some unknown processing of the file /monitor/job/ of the component Quartz Job Handler. Such manipulation of the argument invokeTarget leads to code injection. It is possible to launch the attack...

CVSS 5.8 | EPSS 0.0006
Exploits 0 | References 4
CNNVD
added 2026/03/23 12:0 a.m. | 4 views

Ruoyi code injection vulnerability

Ruoyi is a backend management system developed by the RuoYi developer. Versions of RuoYi 4.8.2 and earlier had a code injection vulnerability. This vulnerability stemmed from improper handling of the invokeTarget parameter in the Quartz Job Handler component located in the file /monitor/job/...

CVSS 5.8 | AI score 5.9 | EPSS 0.0006
Exploits 0 | References 4
ATTACKERKB
added 2026/03/22 11:51 p.m. | 2 views

CVE-2026-4564

A security vulnerability has been detected in yangzongzhuan RuoYi up to 4.8.2. This issue affects some unknown processing of the file /monitor/job/ of the component Quartz Job Handler. Such manipulation of the argument invokeTarget leads to code injection. It is possible to launch the attack...

CVSS 5.8 | AI score 5.5 | EPSS 0.0006
Exploits 0 | References 4 | Affected Software 1
Vulnrichment
added 2026/03/22 11:51 p.m. | 3 views

CVE-2026-4564 yangzongzhuan RuoYi Quartz Job job code injection

A security vulnerability has been detected in yangzongzhuan RuoYi up to 4.8.2. This issue affects some unknown processing of the file /monitor/job/ of the component Quartz Job Handler. Such manipulation of the argument invokeTarget leads to code injection. It is possible to launch the attack...

CVSS 5.8 | AI score 5.5 | EPSS 0.0006
Exploits 0 | References 4
Cvelist
added 2026/03/22 11:51 p.m. | 28 views

CVE-2026-4564 yangzongzhuan RuoYi Quartz Job job code injection

A security vulnerability has been detected in yangzongzhuan RuoYi up to 4.8.2. This issue affects some unknown processing of the file /monitor/job/ of the component Quartz Job Handler. Such manipulation of the argument invokeTarget leads to code injection. It is possible to launch the attack...

CVSS 5.8 | EPSS 0.0006
Exploits 0 | References 4
Positive Technologies
added 2026/03/22 12:0 a.m. | 1 view

PT-2026-27036

Name of the Vulnerable Software and Affected Versions yangzongzhuan RuoYi versions up to 4.8.2 Description A security issue exists in yangzongzhuan RuoYi, specifically within the Quartz Job Handler component. The issue involves code injection stemming from manipulation of the invokeTarget argumen...

CVSS 5.8 | AI score 5.8 | EPSS 0.0006
Exploits 0 | References 9
RedhatCVE
added 2025/05/22 11:18 p.m. | 4 views

CVE-2022-36886

A cross-site request forgery (CSRF) vulnerability in Jenkins External Monitor Job Type Plugin 191.v363d0d1efdf8 and earlier allows attackers to create runs of an external job...

CVSS 4.3 | AI score 5.8 | EPSS 0.00129
Exploits 0 | References 1
OSV
added 2023/07/12 6:30 p.m. | 19 views

GHSA-G4C3-4F3V-84X8 Jenkins External Monitor Job Type Plugin XML external entity vulnerability

Jenkins External Monitor Job Type Plugin 206.v9a94ff0b4a10 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers with Item/Build permission to have Jenkins parse a crafted HTTP request with XML data that uses external entities for extracti...

CVSS 6.5 | AI score 6.3 | EPSS 0.00311
Exploits 0 | References 3
Github Security Blog
added 2023/07/12 6:30 p.m. | 26 views

Jenkins External Monitor Job Type Plugin XML external entity vulnerability

Jenkins External Monitor Job Type Plugin 206.v9a94ff0b4a10 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers with Item/Build permission to have Jenkins parse a crafted HTTP request with XML data that uses external entities for extracti...

CVSS 6.5 | AI score 6.6 | EPSS 0.00311
Exploits 0 | References 4 | Affected Software 1
CVE
added 2023/07/12 3:52 p.m. | 47 views

CVE-2023-37942

The CVE-2023-37942 entry concerns Jenkins External Monitor Job Type Plugin, specifically 206.v9a_94ff0b_4a_10 and earlier. The root cause is that the XML parser was not configured to prevent XML External Entity (XXE) attacks. Impact as described: an attacker with Item/Build permission can supply ...

CVSS 6.5 | AI score 6.4 | EPSS 0.00311
Exploits 0 | References 2 | Affected Software 1
NVD
added 2022/07/27 3:15 p.m. | 13 views

CVE-2022-36886

A cross-site request forgery (CSRF) vulnerability in Jenkins External Monitor Job Type Plugin 191.v363d0d1efdf8 and earlier allows attackers to create runs of an external job...

CVSS 4.3 | EPSS 0.00129
Exploits 0 | References 2
Prion
added 2022/07/27 3:15 p.m. | 12 views

Cross site request forgery (csrf)

A cross-site request forgery (CSRF) vulnerability in Jenkins External Monitor Job Type Plugin 191.v363d0d1efdf8 and earlier allows attackers to create runs of an external job...

CVSS 4.3 | AI score 4.6 | EPSS 0.00129
Exploits 0 | References 2 | Affected Software 1
AlpineLinux
added 2022/07/27 2:21 p.m. | 48 views

CVE-2022-36886

A cross-site request forgery (CSRF) vulnerability in Jenkins External Monitor Job Type Plugin 191.v363d0d1efdf8 and earlier allows attackers to create runs of an external job...

CVSS 4.3 | AI score 5 | EPSS 0.00129
Exploits 0 | References 2
CVE
added 2022/07/27 2:21 p.m. | 89 views

CVE-2022-36886

The CVE-2022-36886 entry concerns a CSRF vulnerability in Jenkins External Monitor Job Type Plugin versions 191.v363d0d1efdf8 and earlier, which allows attackers to create runs of an external job. Root cause: the plugin’s HTTP endpoint does not require POST requests, enabling CSRF. Affected compo...

CVSS 4.3 | AI score 4.5 | EPSS 0.00129
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2022/07/27 2:21 p.m. | 16 views

CVE-2022-36886

A cross-site request forgery (CSRF) vulnerability in Jenkins External Monitor Job Type Plugin 191.v363d0d1efdf8 and earlier allows attackers to create runs of an external job...

AI score 5.3 | EPSS 0.00129
Exploits 0 | References 2
RedHat Linux
added 2020/11/04 1:30 a.m. | 3 views

libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent

A flaw was found in the way the libvirtd daemon issued the 'suspend' command to a QEMU guest-agent running inside a guest, where it holds a monitor job while issuing the 'suspend' command to a guest-agent. A malicious guest-agent may use this flaw to block the libvirt daemon indefinitely, resulti...

CVSS 5.7 | AI score 6.8 | EPSS 0.00192
Exploits 0 | References 4
RedHat Linux
added 2020/05/05 9:45 a.m. | 1 view

libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent

A flaw was found in the way the libvirtd daemon issued the 'suspend' command to a QEMU guest-agent running inside a guest, where it holds a monitor job while issuing the 'suspend' command to a guest-agent. A malicious guest-agent may use this flaw to block the libvirt daemon indefinitely, resulti...

CVSS 5.7 | AI score 6.8 | EPSS 0.00192
Exploits 0 | References 4
OSV
added 2020/03/19 2:15 a.m. | 1 view

ALPINE-CVE-2019-20485

qemu/qemudriver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage)...

CVSS 5.7 | AI score 6.7 | EPSS 0.00192
Exploits 0 | References 1