Lucene search
K

6 matches found

CVE
CVE
added 2023/01/24 12:0 a.m.222 views

CVE-2023-24439

CVE-2023-24439 affects Jenkins JIRA Pipeline Steps Plugin (versions up to 2.0.165.v8846cf59f3db). The vulnerability arises from storing private keys unencrypted in the plugin’s global configuration file on the Jenkins controller (org.thoughtslive.jenkins.plugins.jira.JiraStepsConfig.xml), which c...

5.5CVSS5.4AI score0.00203EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2022/04/13 12:0 a.m.33 views

Jenkins Google Compute Engine Plugin has an unspecified vulnerability

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.A security vulnerability exists in the Jenkins Google Compute Engine Plugin, which stems from storing unencrypted private...

4.3CVSS1.9AI score0.00724EPSS
Exploits0References1
CVE
CVE
added 2022/04/12 7:50 p.m.112 views

CVE-2022-29052

CVE-2022-29052 affects Jenkins Google Compute Engine Plugin 4.3.8 and earlier, which stores private keys unencrypted in cloud agent config.xml on the Jenkins controller, enabling viewing by users with Extended Read permission or filesystem access. This exposes sensitive keys; no exploit details a...

4.3CVSS4.7AI score0.00724EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2012/08/06 4:0 p.m.23 views

CVE-2011-4447

The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not properly interact with the deletion functionality of BSDDB, which allows context-dependent attackers to obtain unencrypted private keys from Bitcoin wallet files by bypassing the BSDDB interface and...

6.4AI score0.0163EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2012/08/06 4:0 p.m.27 views

CVE-2011-4447

Removed by vendor...

4.3CVSS7AI score0.0163EPSS
Exploits0
FreeBSD
FreeBSD
added 2011/12/23 12:0 a.m.21 views

FreeBSD -- pam_ssh improperly grants access when user account has unencrypted SSH private keys

Problem Description: The OpenSSL library call used to decrypt private keys ignores the passphrase argument if the key is not encrypted. Because the pamssh module only checks whether the passphrase provided by the user is null, users with unencrypted SSH private keys may successfully authenticate...

2.1AI score
Exploits0
Rows per page
Query Builder