2242 matches found
Command injection
JetBrains TeamCity before 2021.2.3 was vulnerable to OS command injection in the Agent Push feature configuration...
CVE-2022-25263
CVE-2022-25263 affects JetBrains TeamCity prior to 2021.2.3 and describes an OS command injection in the Agent Push feature configuration. The provided records consistently indicate this as a vulnerability in TeamCity, with multiple sources reiterating the same issue (lack of filtering/escaping o...
CVE-2022-25263
JetBrains TeamCity before 2021.2.3 was vulnerable to OS command injection in the Agent Push feature configuration...
CVE-2022-24334
In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server...
CVE-2022-24334
In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server...
CVE-2022-24334
In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server...
Design/Logic Flaw
In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server...
CVE-2022-24334
CVE-2022-24334 affects JetBrains TeamCity prior to 2021.2.1, where the Agent Push feature allowed an unprivileged user to select any private key on the server. The Red Hat, CNVD, NVD, and CVE records corroborate this as an access-control/key-selection flaw within TeamCity’s Agent Push. The JetBra...
CVE-2022-24334
In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server...
JetBrains TeamCity 操作系统命令注入漏洞
JetBrains TeamCity is a distributed build management and continuous integration tool from JetBrains Czech Republic. JetBrains TeamCity is vulnerable to an operating system command injection vulnerability that stems from a lack of filtering and escaping of system commands in the Agent Push feature...
JetBrains TeamCity 访问控制错误漏洞
JetBrains TeamCity is a distributed build management and continuous integration tool from JetBrains Jetbrains. An access control error vulnerability exists in JetBrains TeamCity, which stems from the fact that the product does not effectively restrict permissions for the Agent Push feature. An...
UBUNTU-CVE-2021-3596
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt and uses the value directly, which leads to a crash and segmentation fault...
ImageMagick 代码问题漏洞
Imagemagick Studio ImageMagick is a set of open source image processing software from the American company ImageMagick Studio Imagemagick Studio. The software can read, convert, or write images in a variety of formats.ImageMagick has a security vulnerability that stems from a null pointer...
Talisman - By Hooking Into The Pre-Push Hook Provided By Git, Talisman Validates The Outgoing Changeset For Things That Look Suspicious
A tool to detect and prevent secrets from getting checked in What is Talisman? Talisman is a tool that installs a hook to your repository to ensure that potential secrets or sensitive information do not leave the developer's workstation. It validates the outgoing changeset for things that look...
The vulnerability in the implementation of Google Chrome’s push-notifications allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of Google Chrome’s browser push-notifications implementation is related to improper security checks for standard elements. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
DEBIAN-CVE-2022-0294
Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...
CVE-2022-0294
Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...
CVE-2022-0294
Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...
CVE-2022-0294
Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...
UBUNTU-CVE-2022-0294
Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...