4 matches found
GHSA-6967-9VVV-4CMM Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Jenkins before versions 2.44 and 2.32.2 is vulnerable to an information exposure in the internal API that allows access to item names that should not be visible (SECURITY-380). This only affects anonymous users (other users legitimately have access) that were able to get a list of items via an...
CVE-2015-5005
CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an "su root" action by leveraging presence on the cluster-wide password-change list...
CVE-2008-5264
Cross-site scripting (XSS) vulnerability in searcher.exe in Tornado Knowledge Retrieval System 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the p parameter in a root action...
CVE-2008-1132
Net Activity Viewer 0.2.1 has an untrusted search path vulnerability in src/mainwindow.c, enabling local users with Net Activity Viewer privileges to execute arbitrary code via a malicious gksu invoked during Restart As Root. Impact: arbitrary code execution with the caller's privileges. Exploita...