23 matches found
PT-2026-30198
Name of the Vulnerable Software and Affected Versions mlflow/mlflow affected versions not specified Description The FastAPI job endpoints under /ajax-api/3.0/jobs/ in mlflow/mlflow are not protected by authentication or authorization when the basic-auth app is enabled. If job execution is enabled...
LinkedIn Job Scams
Interesting article on the variety of LinkedIn job scams around the world: In India, tech jobs are used as bait because the industry employs millions of people and offers high-paying roles. In Kenya, the recruitment industry is largely unorganized, so scamsters leverage fake personal referrals. I...
PT-2025-43988
Name of the Vulnerable Software and Affected Versions BAE SOCET GXP versions prior to 4.6.0.2 Description The SOCET GXP Job Service lacks authentication. This may permit remote users to submit jobs, or local users to submit jobs that execute with the permissions of other users. Recommendations...
EUVD-2013-4208
Malware in sbrugna...
CVE-2019-10422
Jenkins Call Remote Job Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
The vulnerability of the Jenkins automation server’s monitor-remote-job plugin, related to deficiencies in access control, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Jenkins automation server’s “monitor-remote-job” plugin is related to deficiencies in access control, resulting from passwords being stored publicly in the config.xml file. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protecte...
CVE-2025-31725
CVE-2025-31725 affects the Jenkins monitor-remote-job Plugin (version 1.0). The issue is that passwords are stored in plaintext in job config.xml files on the Jenkins controller, and can be viewed by users with Extended Read permission or with access to the controller filesystem. The existing con...
Jenkins plugin monitor-remote-job 访问控制错误漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
PT-2025-14515 · Jenkins +1 · Jenkins +1
Name of the Vulnerable Software and Affected Versions: Jenkins monitor-remote-job Plugin version 1.0 Description: The issue allows passwords to be stored unencrypted in job config.xml files on the Jenkins controller. These passwords can be viewed by users with Extended Read permission or those wh...
I spoke to a task scammer. Here’s how it went
Tasks scam are surging, with a year over year increase of 400%. So I guess it should have been no surprise when I was contacted by a task scammer on X recently. Task scammers prey on people looking for remote jobs by offering them simple repetitive tasks such as liking videos, optimizing apps,...
Red Hat Satellite 安全漏洞
Red Hat Satellite is a suite of system management platforms from Red Hat, an American company. The platform can be used to extend Linux infrastructures and provide system management functions such as administration, configuration, and monitoring. A security vulnerability exists in Red Hat Satelli...
GHSA-J8C7-FM85-6JJ6 Jenkins Call Remote Job Plugin has Insufficiently Protected Credentials
Call Remote Job Plugin stores a password unencrypted in job config.xml files on the Jenkins controller. This password can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...
Jenkins Call Remote Job Plugin has Insufficiently Protected Credentials
Call Remote Job Plugin stores a password unencrypted in job config.xml files on the Jenkins controller. This password can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...
How to Tell a Job Offer from an ID Theft Trap
One of the oldest scams around -- the fake job interview that seeks only to harvest your personal and financial data -- is on the rise, the FBI warns. Heres the story of a recent LinkedIn impersonation scam that led to more than 100 people getting duped, and one almost-victim who decided the job...
CVE-2019-10422
Jenkins Call Remote Job Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10422
Jenkins Call Remote Job Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10422
The CVE-2019-10422 entry concerns the Jenkins Call Remote Job Plugin, which stores credentials unencrypted in job config.xml files on the Jenkins master/controller. This plaintext storage enables disclosure to users with Extended Read permission or with access to the Jenkins master filesystem. Th...
CVE-2019-10422
Jenkins Call Remote Job Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
PT-2019-11816 · Jenkins · Jenkins Call Remote Job Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Call Remote Job Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within job config.xml files on the Jenkins master or controller. This allows users with Extende...
CloudBees Jenkins Call Remote Job Plugin Information Disclosure Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Call Remote Job Plugin is used in one of the...