670 matches found
CVE-2019-10399
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10400
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10394
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10400
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts...
Security feature bypass
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts...
Security feature bypass
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts...
Security feature bypass
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10400
The connected advisories identify a sandbox bypass in Jenkins Script Security Plugin affecting versions 1.62 and earlier, caused by improper handling of subexpressions in increment/decrement expressions not involving assignment. Impact: attackers could run arbitrary code within sandboxed Groovy s...
CVE-2019-10399
The CVE-2019-10399 entry concerns Jenkins Script Security Plugin (versions 1.62 and earlier). The root cause is in the handling of property names within property expressions in increment/decrement expressions, enabling attackers to execute arbitrary code within sandboxed scripts. The available co...
CVE-2019-10393
The CVE-2019-10393 entry concerns a sandbox bypass in Jenkins Script Security Plugin (version 1.62 and earlier). The connected documents describe a flaw in how method names are handled in method call expressions, which could allow an attacker to bypass the sandbox and execute arbitrary code withi...
CVE-2019-10399
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10394
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10400
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allowed attackers to execute arbitrary code in sandboxed scripts...
PT-2019-11794 · Jenkins · Jenkins Script Security Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.62 and earlier Description: A sandbox bypass issue related to the handling of subexpressions in increment and decrement expressions not involving actual assignment allows attackers to execute arbitrar...
PT-2019-11788 · Jenkins · Jenkins Script Security Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.62 and earlier Description: A sandbox bypass issue related to the handling of property names in property expressions on the left-hand side of assignment expressions allows attackers to execute arbitra...
PT-2019-11793 · Jenkins · Jenkins Script Security Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.62 and earlier Description: A sandbox bypass issue related to the handling of property names in property expressions in increment and decrement expressions allows attackers to execute arbitrary code i...
WordPress total-security plugin input validation error vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. total-security is a website security vulnerability scanning plugin used in it. An input validation error vulnerability exists in the...
WordPress total-security plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. total-security is a website security vulnerability scanning plugin used in it. A cross-site scripting vulnerability exists in the...
CVE-2016-10898
The total-security plugin before 3.4.1 for WordPress has XSS...
CVE-2016-10899
The total-security plugin before 3.4.1 for WordPress has a settings-change vulnerability...