1911 matches found
CVE-2026-27099
Jenkins 2.483 through 2.550 both inclusive, LTS 2.492.1 through 2.541.1 both inclusive does not escape the user-provided description of the "Mark temporarily offline" offline cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure or...
CVE-2026-27099
Jenkins 2.483 through 2.550 both inclusive, LTS 2.492.1 through 2.541.1 both inclusive does not escape the user-provided description of the "Mark temporarily offline" offline cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure or...
CVE-2026-27099
Jenkins 2.483 through 2.550 both inclusive, LTS 2.492.1 through 2.541.1 both inclusive does not escape the user-provided description of the "Mark temporarily offline" offline cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure or...
CVE-2026-27099
Jenkins 2.483 through 2.550 both inclusive, LTS 2.492.1 through 2.541.1 both inclusive does not escape the user-provided description of the "Mark temporarily offline" offline cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure or...
CVE-2026-27099
Jenkins CVE-2026-27099 affects Jenkins versions 2.483–2.550 (and LTS 2.492.1–2.541.1) where the description for the “Mark temporarily offline” offline cause is not escaped, causing stored cross-site scripting (XSS). The vulnerability can be exploited by attackers with Agent/Configure or Agent/Dis...
Jenkins 安全漏洞
Jenkins is an open-source application developed by Jenkins Project. The open-source automation server Jenkins offers hundreds of plugins to support building, deploying, and automating any project. Vulnerabilities existed in Jenkins versions 2.483 to 2.550, as well as in LTS versions 2.492.1 to...
PT-2026-20433
Name of the Vulnerable Software and Affected Versions Jenkins versions 2.483 through 2.550 Jenkins LTS versions 2.492.1 through 2.541.1 Description The application does not properly sanitize user-supplied data within the description field of the "Mark temporarily offline" functionality. This can...
jenkins -- multiple vulnerabilities
Jenkins Security Advisory: Description High SECURITY-3669 / CVE-2026-27099 Stored XSS vulnerability in node offline cause description Medium SECURITY-3658 / CVE-2026-27100 Build information disclosure vulnerability through Run Parameter...
CVE-2026-26219
newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not incorporate per-user salts or computational cost controls, enabling attackers who obtain password hashes through database exposure, backup leakage, or other compromise vectors to...
CVE-2026-26219
newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not incorporate per-user salts or computational cost controls, enabling attackers who obtain password hashes through database exposure, backup leakage, or other compromise vectors to...
CVE-2026-26219
newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not incorporate per-user salts or computational cost controls, enabling attackers who obtain password hashes through database exposure, backup leakage, or other compromise vectors to...
CVE-2026-26219
CVE-2026-26219 affects newbee-mall stores that hash passwords using unsalted MD5 without per-user salts or computational cost controls. Root cause: MD5 hashing without salt enables offline credential cracking if password hashes are exposed. Impact: high confidentiality and integrity risk; plainte...
CVE-2026-26219 newbee-mall Unsalted MD5 Password Hashing Enables Offline Credential Cracking
newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not incorporate per-user salts or computational cost controls, enabling attackers who obtain password hashes through database exposure, backup leakage, or other compromise vectors to...
CVE-2026-26219 newbee-mall Unsalted MD5 Password Hashing Enables Offline Credential Cracking
newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not incorporate per-user salts or computational cost controls, enabling attackers who obtain password hashes through database exposure, backup leakage, or other compromise vectors to...
CVE-2026-26219
newbee-mall stores and verifies user passwords using an unsalted MD5 hashing algorithm. The implementation does not incorporate per-user salts or computational cost controls, enabling attackers who obtain password hashes through database exposure, backup leakage, or other compromise vectors to...
newbee-mall 加密问题漏洞
newbee-mall is an e-commerce system developed by newbee with open source. newbee-mall has encryption-related vulnerabilities; these vulnerabilities stem from the use of the unsalted MD5 hash algorithm for storing and verifying user passwords. This allows attackers to quickly recover plaintext...
PT-2026-7888
Name of the Vulnerable Software and Affected Versions newbee-mall affected versions not specified Description The software stores and verifies user passwords using an unsalted MD5 hashing algorithm. This implementation lacks per-user salts and computational cost controls. Attackers obtaining...
[SECURITY] Fedora 42 Update: rust-tealdeer-1.7.2-4.fc42
Fetch and show tldr help pages for many CLI commands. Full featured offline client with caching support...
[SECURITY] Fedora 43 Update: rust-tealdeer-1.7.2-4.fc43
Fetch and show tldr help pages for many CLI commands. Full featured offline client with caching support...
The Role of Learning in Attacking Intrusion Detection Systems
Recent work on network attacks have demonstrated that ML-based network intrusion detection systems NIDS can be evaded with adversarial perturbations. However, these attacks rely on complex optimizations that have large computational overheads, making them impractical in many real-world settings. ...