31 matches found
authorized-pentest
authorized-pentest A runbook-style Claude Code skill for runn...
CVE-2026-27208
Bleon-ethical/api-gateway-deploy is affected in v1.0.0 by OS Command Injection and Privilege Escalation that can grant root privileges inside the container, potentially enabling container escape and unauthorized infra changes. The issue is fixed in v1.0.1 through: (1) strict input sanitization an...
EUVD-2021-24648
Malware in sbrugna...
EUVD-2022-2776
Malicious code in bioql PyPI...
EUVD-2022-4015
Malicious code in bioql PyPI...
CVE-2020-2151
Jenkins Quality Gates Plugin 2.5 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...
GHSA-GVCJ-72H4-8XM9 Jenkins Quality Gates Plugin transmits credentials in plain text during configuration
Quality Gates Plugin stores credentials in its global configuration file quality.gates.jenkins.plugin.GlobalConfig.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the configuration form b...
Jenkins Sonar Quality Gates Plugin transmits credentials in plain text during configuration
Sonar Quality Gates Plugin stores credentials in its global configuration file org.quality.gates.jenkins.plugin.GlobalConfig.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the...
Jenkins Quality Gates Plugin transmits credentials in plain text during configuration
Quality Gates Plugin stores credentials in its global configuration file quality.gates.jenkins.plugin.GlobalConfig.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the configuration form b...
GHSA-6FH3-XHWG-7HFH Jenkins Sonar Quality Gates Plugin transmits credentials in plain text during configuration
Sonar Quality Gates Plugin stores credentials in its global configuration file org.quality.gates.jenkins.plugin.GlobalConfig.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the...
SAP NetWeaver AS ABAP Multiple Vulnerabilities (Oct 2021)
Multiple vulnerabilities may be present in SAP NetWeaver Application Server ABAP, including the following: - SAP NetWeaver AS ABAP and ABAP Platform - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, allows an attacker to prevent legitimate users from accessing a service,...
CVE-2021-38178
The software logistics system of SAP NetWeaver AS ABAP and ABAP Platform versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, enables a malicious user to transfer ABAP code artifacts or content, by-passing the established quality gates. By this vulnerability malicious...
CVE-2021-38178
CVE-2021-38178 affects SAP NetWeaver AS ABAP and ABAP Platform versions 700–756. The vulnerability allows a malicious user to transfer ABAP code artifacts or content by bypassing the established quality gates, enabling code to reach quality and production and potentially compromising confidential...
CVE-2021-38178
The software logistics system of SAP NetWeaver AS ABAP and ABAP Platform versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, enables a malicious user to transfer ABAP code artifacts or content, by-passing the established quality gates. By this vulnerability malicious...
SAP NetWeaver AS 安全漏洞
SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. SAP NetWeaver AS ABAP and ABAP Platform versions 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756 have a security vulnerabilit...
PT-2021-6087 · Sap · Sap Netweaver As Abap +1
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP and ABAP Platform versions 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756 Description: The software logistics system enables a malicious user to transfer ABAP code artifacts or content, bypassing th...
Clean As You Code essentials - What are Quality Profiles and Quality Gates?
In this blog, well focus on rules, Quality Profiles and Quality Gates. These elements are the building blocks of an effective Clean As You Code strategy. After reading this article, you’ll have a better understanding of what they are and how they’re used in the pursuit of clean, quality code for...
Unspecified Vulnerability in CloudBees Jenkins Quality Gates Plugin
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some timed tasks . Quality Gates Plugin is used in which a...
Unspecified Vulnerability in CloudBees Jenkins Sonar Quality Gates Plugin
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . Sonar Quality Gates Plugin is used in which a...
CVE-2020-2150
Jenkins Sonar Quality Gates Plugin 1.3.1 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...