
36 matches found

NVD
added 2018/06/05 9:29 p.m., 15 views

CVE-2018-1000194

A path traversal vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in FilePath.java, SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection...

CVSS: 8.1, AI score: 8, EPSS: 0.02612
Exploits: 0, References: 2

Cvelist
added 2018/06/05 9:00 p.m., 18 views

CVE-2018-1000194

A path traversal vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in FilePath.java, SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection...

AI score: 8, EPSS: 0.02612
Exploits: 0, References: 2

UbuntuCve
added 2018/05/15 9:29 p.m., 23 views

CVE-2017-2602

Jenkins before versions 2.44, 2.32.2 is vulnerable to improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow metadata files to be written to by malicious agents (SECURITY-358)...

CVSS: 4.3, AI score: 6.3, EPSS: 0.01611
Exploits: 0, References: 2

Prion
added 2018/05/15 9:29 p.m., 18 views

Input validation

Jenkins before versions 2.44, 2.32.2 is vulnerable to improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow metadata files to be written to by malicious agents (SECURITY-358)...

CVSS: 4, AI score: 4.8, EPSS: 0.01611
Exploits: 0, References: 4, Affected Software: 1

Cvelist
added 2018/05/15 9:00 p.m., 19 views

CVE-2017-2602

Jenkins before versions 2.44, 2.32.2 is vulnerable to improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow metadata files to be written to by malicious agents (SECURITY-358)...

CVSS: 3.1, AI score: 4.7, EPSS: 0.01611
Exploits: 0, References: 4

Tenable Nessus
added 2018/05/11 12:00 a.m., 15 views

FreeBSD : jenkins -- multiple vulnerabilities (06ab7724-0fd7-427e-a5ce-fe436302b10c)

Jenkins developers report: The agent-to-master security subsystem ensures that the Jenkins master is protected from maliciously configured agents. A path traversal vulnerability allowed agents to escape whitelisted directories to read and write to files they should not be able to access. Black...

AI score: 5.6
Exploits: 0, References: 2

BDU FSTEC
added 2017/03/16 12:00 a.m., 6 views

The vulnerability of the Android operating system, which allows a hacker to execute code within the context of a privileged process

The vulnerability of the Android operating system’s security subsystem is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute code within the context of a privileged process, using a local malware application...

CVSS: 9.3, AI score: 7.3, EPSS: 0.01823
Exploits: 0, References: 2

NVD
added 2017/03/08 1:59 a.m., 20 views

CVE-2017-0528

An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...

CVSS: 9.3, AI score: 7.1, EPSS: 0.01823
Exploits: 0, References: 4

UbuntuCve
added 2017/03/08 1:59 a.m., 45 views

CVE-2017-0528

An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...

CVSS: 9.3, AI score: 7.2, EPSS: 0.01823
Exploits: 0, References: 2

Tenable Nessus
added 2017/03/08 12:00 a.m., 218 views

Jenkins < 2.44 / 2.32.x < 2.32.2, Jenkins Operations Center < 1.625.22.1 / 2.7.22.0.1 / 2.32.2.1, and Jenkins Enterprise < 1.651.22.1 / 2.7.22.0.1 / 2.32.2.1 Multiple Vulnerabilities

The remote web server hosts a version of Jenkins that is prior to 2.44, or a version of Jenkins LTS prior to 2.32.2, or else a version of Jenkins Operations Center that is 1.625.x.y prior to 1.625.22.1, 2.7.x.0.y prior to 2.7.22.0.1, or 2.x.y.x prior to 2.32.2.1, or else a version of Jenkins...

CVSS: 9.8, AI score: 6.3, EPSS: 0.19191
Exploits: 2, References: 23

RedhatCVE
added 2017/02/02 3:20 p.m., 25 views

CVE-2017-2602

Jenkins before versions 2.44, 2.32.2 is vulnerable to improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow metadata files to be written to by malicious agents (SECURITY-358)...

CVSS: 4.3, AI score: 4.5, EPSS: 0.01611
Exploits: 0, References: 2

CNVD
added 2016/11/09 12:00 a.m., 5 views

Microsoft Windows Local Security Privilege Subsystem Service Denial of Service Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. A denial of service vulnerability exists in the Microsoft Windows Local Security Privilege Subsystem service. A remote attacker exploiting the vulnerability could cause a denial of service attack via a...

CVSS: 6.8, AI score: 6.6, EPSS: 0.64817
Exploits: 2, References: 1

Debian CVE
added 2016/02/08 2:00 a.m., 37 views

CVE-2015-8539

The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c...

CVSS: 7.8, AI score: 6.8, EPSS: 0.00427
Exploits: 0

Cvelist
added 2015/09/28 1:00 a.m., 22 views

CVE-2015-6279

The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3...

AI score: 6.4, EPSS: 0.03219
Exploits: 0, References: 3

Cvelist
added 2015/09/28 1:00 a.m., 23 views

CVE-2015-6278

The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3...

AI score: 6.4, EPSS: 0.03219
Exploits: 0, References: 3

OpenVAS
added 2015/07/14 12:00 a.m., 49 views

Juniper Networks Junos OS SRX NSD Denial of Service Vulnerability

Junos OS is prone to a DoS vulnerability in the Network Security Daemon...

CVSS: 5, AI score: 5.2, EPSS: 0.01291
Exploits: 0, References: 1