PT-2021-13364 · Astra Linux · Astra Linux

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The provided descriptions do not contain sufficient information to summarize the key details about the issue. Recommendations: At the moment, there is n...

PT-2020-12599 · Qualcomm · Qualcomm Adreno Gpu

Name of the Vulnerable Software and Affected Versions: Qualcomm Adreno GPU affected versions not specified Description: The issue concerns a shared mapping leak due to PID reuse in the Qualcomm Adreno GPU. Recommendations: At the moment, there is no information about a newer version that contains...

PT-2020-5271 · Microsoft · Windows Backup Engine +1

Name of the Vulnerable Software and Affected Versions: Windows Backup Engine affected versions not specified Description: The issue is related to insecure privilege management in the Windows Backup Engine component of the Windows operating system. Exploitation of this issue may allow an attacker ...

PT-2020-5264 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint affected versions not specified Description: The issue is related to errors in the code of Microsoft SharePoint, which can be exploited by a remote attacker to execute arbitrary code. This allows the attacker to perform...

CVE-2020-4566

IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 stores potentially highly sensitive information in log files that could be read by an authenticated user. IBM X-Force ID: 184083...

PT-2020-4818 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to insufficient access control in the Azure Sphere operating system. Exploitation of this issue may allow an attacker to elevate their privileges. Recommendations:...

PT-2020-4683 · Microsoft · Exchange Server

Name of the Vulnerable Software and Affected Versions: Microsoft Exchange Server affected versions not specified Description: The issue is caused by a buffer overflow in memory, allowing a remote attacker to execute arbitrary code. This can be exploited by a remote attacker to gain unauthorized...

PT-2020-4814 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to incorrect code generation management in the Azure Sphere operating system. Exploitation of this issue may allow an attacker to execute arbitrary code using a...

PT-2020-4693 · Microsoft · Chakra Scripting Engine +1

Name of the Vulnerable Software and Affected Versions: Chakra Scripting Engine affected versions not specified Description: The issue is caused by a buffer overflow in memory, allowing a remote attacker to disclose protected information. It affects the Chakra scripting engine, potentially enablin...

PT-2020-4771 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint affected versions not specified Description: The issue is related to errors in code generation management in Microsoft SharePoint. It allows remote attackers to execute arbitrary code. Recommendations: At the moment, ther...

PT-2020-4765 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to errors in privilege management within the Azure Sphere operating system. Exploitation of this issue may allow a remote attacker to elevate their privileges...

PT-2023-13770 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: The issue is related to insufficient limitations in some quiz web services, allowing students to bypass sequential navigation during a quiz attempt. Recommendations: At the moment, there is ...

Important: Red Hat Security Advisory: OpenShift Container Platform 3.11.306 jenkins security update

An update for jenkins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CloudBees Jenkins ElasTest Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site request forgery...

CVE-2020-9946

This issue was addressed with improved checks. This issue is fixed in iOS 14.0 and iPadOS 14.0, watchOS 7.0. The screen lock may not engage after the specified time period...

CVE-2020-9946

This issue was addressed with improved checks. This issue is fixed in iOS 14.0 and iPadOS 14.0, watchOS 7.0. The screen lock may not engage after the specified time period...

Cross-Site Scripting (XSS)

jenkins is vulnerable to cross-site scripting XSS. An attacker is able to inject and execute arbitrary Javascript in a user's browser via the user-specified tooltip values...

ASB-A-160605508

Bulletin has no description...

A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.

...

CVE-2020-2276

Jenkins Selection tasks Plugin 1.0 and earlier executes a user-specified program on the Jenkins controller, allowing attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins controller as the OS user that the Jenkins process is running as...