PT-2022-2893 · Microsoft · Azure Site Recovery
Name of the Vulnerable Software and Affected Versions: Azure Site Recovery, affected versions not specified
Description: The issue is related to an information disclosure vulnerability. Exploitation of this issue may allow a remote attacker to gain unauthorized access to protected information...
PT-2022-2839 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows, affected versions not specified
Description: The issue is related to errors in the code of the Windows operating system, allowing a remote attacker to execute arbitrary code. This can potentially affect the system.
Recommendations: At...
PT-2022-2904 · Microsoft · Windows Print Spooler +1
Name of the Vulnerable Software and Affected Versions: Windows Print Spooler, affected versions not specified
Description: The issue is related to the Windows Print Spooler's insecure management of privileges, allowing an attacker to elevate their privileges. This can affect the system...
PT-2022-2939 · Microsoft · Windows Print Spooler +1
Name of the Vulnerable Software and Affected Versions: Windows Print Spooler, affected versions not specified
Description: The issue is related to insecure privilege management in the Windows Print Spooler. It allows an attacker to elevate their privileges, potentially affecting the system. No...
PT-2022-2662 · Microsoft · Windows Telephony Service +1
Name of the Vulnerable Software and Affected Versions: Windows Telephony Service, affected versions not specified
Description: The issue is related to insecure privilege management in the Windows Telephony Service of Windows operating systems. It allows an attacker to elevate their privileges. Thi...
PT-2022-2665 · Microsoft · Dynamics 365 On-Premises
Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics 365 On-Premises, affected versions not specified
Description: The issue is related to insecure privilege management in Microsoft Dynamics 365. Exploitation of this issue may allow an attacker to execute arbitrary code...
PT-2022-14323 · Vow · Vow
Name of the Vulnerable Software and Affected Versions: vow, affected versions not specified
Description: The issue is related to a possible memory corruption due to a race condition, which could lead to local escalation of privilege. System execution privileges are needed for exploitation, and use...
PT-2022-10425 · Qualcomm · Snapdragon Connectivity +7
Name of the Vulnerable Software and Affected Versions:
Snapdragon Auto, affected versions not specified
Snapdragon Compute, affected versions not specified
Snapdragon Connectivity, affected versions not specified
Snapdragon Consumer IOT, affected versions not specified
Snapdragon Industrial IOT...
CVE-2022-28136
A cross-site request forgery (CSRF) vulnerability in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2022-0283
An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that could cause the web application to redirect the request to the attacker-specified URL...
Open redirect
An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that could cause the web application to redirect the request to the attacker-specified URL...
PT-2022-7715 · IBM · BlackICE PC Protection
Name of the Vulnerable Software and Affected Versions: ISS BlackICE PC Protection, affected versions not specified
Description: A vulnerability was found in the Update Handler component of ISS BlackICE PC Protection, allowing cleartext transmission of data. This issue is declared as problematic an...
[SECURITY] Fedora 35 Update: ghc-cmark-gfm-0.2.3-1.fc35
This package provides Haskell bindings for libcmark-gfm, the reference parser for GitHub Flavored Markdown, a fully specified variant of Markdown. It includes sources for libcmark-gfm 0.29.0.gfm.3 and does not require prior installation of the C library...
Jenkins CloudBees AWS Credentials Plugin Cross-Site Request Forgery Vulnerability
Jenkins is a software project, a Java-based continuous integration tool for monitoring continuously recurring work, designed to provide an open and easy-to-use software platform that allows software projects to be continuously integrated. Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995...
GHSA-P9GQ-76FJ-4P4P Missing permission checks in Jenkins Release Helper Plugin
A missing permission check in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2022-27214
A cross-site request forgery (CSRF) vulnerability in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...
CVE-2022-27204
A cross-site request forgery (CSRF) vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a86c and earlier allows attackers to connect to an attacker-specified URL...
CVE-2022-27199
A missing permission check in Jenkins CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier allows attackers with Overall/Read permission to connect to an AWS service using an attacker-specified token...
Cross-site request forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...