Lucene search
K

8 matches found

Github Security Blog
Github Security Blog
added 2022/05/24 5:39 p.m.28 views

Missing permission check for paths with specific prefix in Jenkins

Jenkins includes a static list of URLs that are always accessible even without Overall/Read permission, such as the login form. These URLs are excluded from an otherwise universal permission check. Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not correctly compare requested URLs with...

5.3CVSS1.9AI score0.01307EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2019/01/16 5:11 p.m.3 views

ansible: ansible.cfg is being read from current working directory allowing possible code execution

It was found that ansible.cfg is being read from the current working directory, which can be made to point to plugin or module paths that are under control of the attacker. This could allow an attacker to execute arbitrary code...

7.8CVSS7.4AI score0.00587EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/12/05 7:1 p.m.1 views

ansible: ansible.cfg is being read from current working directory allowing possible code execution

It was found that ansible.cfg is being read from the current working directory, which can be made to point to plugin or module paths that are under control of the attacker. This could allow an attacker to execute arbitrary code...

7.8CVSS7.4AI score0.00587EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/07/31 5:49 p.m.5 views

ansible: ansible.cfg is being read from current working directory allowing possible code execution

It was found that ansible.cfg is being read from the current working directory, which can be made to point to plugin or module paths that are under control of the attacker. This could allow an attacker to execute arbitrary code...

7.8CVSS7.4AI score0.00587EPSS
Exploits0References4
OSV
OSV
added 2018/07/13 12:0 a.m.2 views

UBUNTU-CVE-2018-10875

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code...

9.8CVSS7AI score0.00587EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/07/10 5:20 p.m.5 views

ansible: ansible.cfg is being read from current working directory allowing possible code execution

It was found that ansible.cfg is being read from the current working directory, which can be made to point to plugin or module paths that are under control of the attacker. This could allow an attacker to execute arbitrary code...

7.8CVSS7.4AI score0.00587EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/10/08 12:0 a.m.35 views

SuSE 11.3 Security Update : mysql, mysql-client (SAT Patch Number 8364)

This version upgrade of mysql to 5.5.33 fixed multiple security issues : - CVE-2013-1861 / CVE-2013-3783 / CVE-2013-3793 / CVE-2013-3794 - CVE-2013-3795 / CVE-2013-3796 / CVE-2013-3798 / CVE-2013-3801 - CVE-2013-3802 / CVE-2013-3804 / CVE-2013-3805 / CVE-2013-3806 - CVE-2013-3807 / CVE-2013-3808 ...

5.8CVSS6.3AI score0.18675EPSS
Exploits3References47
Tenable Nessus
Tenable Nessus
added 2013/08/30 12:0 a.m.36 views

SuSE 11.3 Security Update : MySQL (SAT Patch Number 8217)

This version upgrade of mysql to 5.5.32 fixes multiple security issues : CVE-2013-1861 / CVE-2013-3783 / CVE-2013-3793 / CVE-2013-3794 / CVE-2013-3795 / CVE-2013-3796 / CVE-2013-3798 / CVE-2013-3801 / CVE-2013-3802 / CVE-2013-3804 / CVE-2013-3805 / CVE-2013-3806 / CVE-2013-3807 / CVE-2013-3808 /...

5.8CVSS6.3AI score0.18675EPSS
Exploits3References45
Rows per page
Query Builder