EUVD-2021-22132

Malware in sbrugna...

[SECURITY] Fedora 42 Update: binutils-2.44-6.fc42

Binutils is a collection of binary utilities, including ar for creating, modifying and extracting from archives, as a family of GNU assemblers, gprof for displaying call graph profile data, ld the GNU linker, nm for listing symbols from object files, objcopy for copying and translating object...

GNU Binutils Resource Management Error Vulnerability

GNU Binutils is a binary toolset developed by the GNU Project to handle operations such as target files, assembly and linking. A memory leak vulnerability exists in GNU Binutils version 2.44, which originates from a processdebuginfo function handling exception in the binutils/dwarf.c file in the...

DEBIAN-CVE-2025-8224

A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfdelfgetstrsection of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack...

Amazon Linux 2 : gcc10-binutils (ALAS-2025-2772)

The version of gcc10-binutils installed on the remote host is prior to 2.35.2-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2772 advisory. A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function...

PT-2022-22053 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins Date Parameter Plugin versions 0.0.4 and earlier Description: The issue is a stored cross-site scripting XSS vulnerability that occurs because the Jenkins Date Parameter Plugin does not escape the name and description of Date paramete...

PT-2022-20424 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins vboxwrapper Plugin versions 1.3 and earlier Description: The Jenkins vboxwrapper Plugin does not escape the name and description of VBox node parameters on views displaying parameters, resulting in a stored cross-site scripting XSS...

GHSA-6967-9VVV-4CMM Exposure of Sensitive Information to an Unauthorized Actor in Jenkins

Jenkins before versions 2.44 and 2.32.2 is vulnerable to an information exposure in the internal API that allows access to item names that should not be visible SECURITY-380. This only affects anonymous users other users legitimately have access that were able to get a list of items via an...

Cross-Site Request Forgery in Jenkins

jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers could be manipulated to create a large number of user records SECURITY-406...

USN-4608-1 ca-certificates update

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.44 version of the Mozilla certificate authority bundle...

CVE-2017-2602

jenkins before versions 2.44, 2.32.2 is vulnerable to an improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow metadata files to be written to by malicious agents SECURITY-358...

CVE-2017-2608

Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs SECURITY-383...

Cross site scripting

Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in parameter names and descriptions SECURITY-353. Users with the permission to configure jobs were able to inject JavaScript into parameter names and descriptions...

CVE-2017-2606

Jenkins before versions 2.44, 2.32.2 is vulnerable to an information exposure in the internal API that allows access to item names that should not be visible SECURITY-380. This only affects anonymous users other users legitimately have access that were able to get a list of items via an...

CVE-2017-2599

Jenkins before versions 2.44 and 2.32.2 is vulnerable to an insufficient permission check. This allows users with permissions to create new items e.g. jobs to overwrite existing items they don't have access to SECURITY-321...

XnView Multiple Vulnerabilities

XnView is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xnview:xnview"; ifdescription...

CVE-2017-2609

jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions SECURITY-385. The autocomplete feature on the search box discloses the names of the views in its suggestions, including the ones for which the current user does not have access to...

Active Perl Modules Multiple Vulnerabilities (Windows)

The host is installed with Active Perl and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbactiveperlmodulesmultvulnwin.nasl 6115 2017-05-12 09:03:25Z teissa $ Active Perl Modules Multiple Vulnerabilities Windows Authors: Arun Kallavi Copyright: Copyright c 2012 Greenbone...