8 matches found
CVE-2024-7240
F-Secure Total Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of F-Secure Total. User interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exist...
F-Secure Total 后置链接漏洞
F-Secure Total is an online protection program from Finnish company Fen Security F-Secure. F-Secure Total suffers from a backlink vulnerability that stems from improper handling of symbolic links in the WithSecure plugin hosting service, which could allow a local attacker to leverage administrato...
CVE-2024-4454
WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part of an administrator is required to...
CVE-2024-4454
WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part of an administrator is required to...
PT-2024-31167 · Withsecure · Withsecure Elements Endpoint Protection
Name of the Vulnerable Software and Affected Versions: WithSecure Elements Endpoint Protection affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part o...
GHSA-PQG3-XFX2-FMQP Cross site scripting vulnerability in update-center2
Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a plugin for hosting...
CVE-2023-27905
Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a plugin for hosting...
Cross site scripting
Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a plugin for hosting...