RHCOS 3 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:1423)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1423 advisory. - jenkins-plugin-script-security: Sandbox bypass in Script Security Plugin and Pipeline: Groovy Plugin SECURITY-1353 CVE-2019-100304...

CVE-2026-24844 melange pipeline working-directory could allow command injection

melange allows users to build apk packages using declarative pipelines. From version 0.3.0 to before 0.40.3, an attacker who can provide build input values, but not modify pipeline definitions, could execute arbitrary shell commands if the pipeline uses $vars. or $inputs. substitutions in...

EUVD-2022-7015

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-7110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab EE affecting all versions starting 17.0 to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1 allows an attacker to execut...

CVE-2018-14604

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the tooltip of the job inside the CI/CD pipeline...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3528)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3528 advisory. kernel-uek 3.8.13-118.4.2 - pipe: Fix buffer offset after partially failed read Ben Hutchings Orabug: 22985903 CVE-2016-0774 CVE-2015-1805 CVE-2016-0774...