36 matches found
EUVD-2023-1608
Malicious code in bioql PyPI...
EUVD-2022-4473
Malicious code in bioql PyPI...
EUVD-2022-2189
Malicious code in bioql PyPI...
EUVD-2022-5070
Malicious code in bioql PyPI...
CVE-2023-32990
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a43 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method...
CVE-2023-32988
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a43 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
Improper Access Control
Azure VM Agents is vulnerable to Improper Access Control. The vulnerability exists because the permission checks at endpoints are not properly configured which allows an attacker to gain read access and enumerate credential ID's...
Jenkins Azure VM Agents Plugin missing permission checks
Jenkins Azure VM Agents Plugin 852.v8d35f0960a43 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another...
CVE-2023-32990
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a43 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method...
CVE-2023-32989
A cross-site request forgery CSRF vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method...
CVE-2023-32990
CVE-2023-32990 affects Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier. The root cause is missing permission checks in several HTTP endpoints, which allows attackers with Overall/Read permission to connect to an attacker-selected Azure Cloud server using credentials IDs obtained by ...
CVE-2023-32990
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a43 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method...
CVE-2023-32989
A cross-site request forgery CSRF vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method...
CVE-2023-32989
CVE-2023-32989 describes a CSRF vulnerability in Jenkins Azure VM Agents Plugin (852.v8d35f0960a_43 and earlier). The flaw allows attackers with Overall/Read permission to connect to an attacker‑specified Azure Cloud server using attacker‑specified credentials IDs obtained through another method,...
CVE-2023-32988
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a43 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2023-32988
CVE-2023-32988 affects Jenkins Azure VM Agents Plugin (852.v8d35f0960a_43 and earlier). The issue is a missing permission check on several HTTP endpoints, allowing users with Overall/Read permissions to enumerate credentials IDs stored in Jenkins. Exploitation details are not provided in the conn...
Jenkins Plugin Azure VM Agents 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2023-24120 · Jenkins · Jenkins Azure Vm Agents Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Azure VM Agents Plugin versions 852.v8d35f0960a 43 and earlier Description: A missing permission check in the Jenkins Azure VM Agents Plugin allows attackers with Overall/Read permission to enumerate credentials IDs of credentials...
PT-2023-24121 · Jenkins · Jenkins Azure Vm Agents Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Azure VM Agents Plugin versions 852.v8d35f0960a 43 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials I...
Jenkins Plugin Azure VM Agents 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is a software application. A security vulnerability...