6 matches found
EUVD-2022-5531
Malicious code in bioql PyPI...
CVE-2019-10309
Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing unauthorized attackers on the same network to read arbitrary files from Swarm clients...
Faronics Insight Security Vulnerability
Faronics Insight is an effective classroom management tool from Faronics Canada. A security vulnerability exists in Faronics Insight version 10.0.19045, which stems from discovering the system through misuse of Insight UDP broadcasts, which allows the student's end to connect and attack the...
Xxe
Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing unauthorized attackers on the same network to read arbitrary files from Swarm clients...
CVE-2019-10309
The CVE-2019-10309 entry concerns the Jenkins Swarm Plugin (Swarm Client) where UDP-based master discovery responses are XML documents that are parsed without proper XXE protection. This XXE flaw could allow an unauthenticated attacker on the same network to read arbitrary files from Swarm client...
AppSecInc Security Alert: Buffer Overflow in UDP broadcasts for Microsoft SQL Server client utilities
Buffer Overflow in UDP broadcasts for Microsoft SQL Server client utilities Risk level: High Summary: A Unicode buffer overflow exists in MDAC which is used by the SQL Server SQL-DMO library that could allow a remote user to execute malicious code on the target computer. The vulnerability does no...