Search
Total
1247 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20616 | 1 Jenkins | 1 Credentials Binding | 2023-11-22 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins Credentials Binding Plugin 1.27 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read access to validate if a credential ID refers to a secret file credential and whether it's a zip file. | |||||
| CVE-2022-20614 | 2 Jenkins, Oracle | 2 Mailer, Communications Cloud Native Core Automated Test Suite | 2023-11-22 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname. | |||||
| CVE-2021-21694 | 1 Jenkins | 1 Jenkins | 2023-11-22 | 7.5 HIGH | 9.8 CRITICAL |
| FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any permissions in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. | |||||
| CVE-2021-21685 | 1 Jenkins | 1 Jenkins | 2023-11-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create parent directories in FilePath#mkdirs. | |||||
| CVE-2022-25211 | 1 Jenkins | 1 Swamp | 2023-11-22 | 6.5 MEDIUM | 8.8 HIGH |
| A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials. | |||||
| CVE-2021-21687 | 1 Jenkins | 1 Jenkins | 2023-11-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create symbolic links when unarchiving a symbolic link in FilePath#untar. | |||||
| CVE-2022-36912 | 1 Jenkins | 1 Openstack Heat | 2023-11-22 | N/A | 4.3 MEDIUM |
| A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | |||||
| CVE-2022-36914 | 1 Jenkins | 1 Files Found Trigger | 2023-11-22 | N/A | 4.3 MEDIUM |
| Jenkins Files Found Trigger Plugin 1.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | |||||
| CVE-2022-36913 | 1 Jenkins | 1 Openstack Heat | 2023-11-22 | N/A | 4.3 MEDIUM |
| Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | |||||
| CVE-2021-21676 | 1 Jenkins | 1 Requests | 2023-11-22 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins requests-plugin Plugin 2.2.7 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to send test emails to an attacker-specified email address. | |||||
| CVE-2022-36883 | 1 Jenkins | 1 Git | 2023-11-22 | N/A | 7.5 HIGH |
| A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit. | |||||
| CVE-2022-36891 | 1 Jenkins | 1 Deployer Framework | 2023-11-22 | N/A | 4.3 MEDIUM |
| A missing permission check in Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier allows attackers with Item/Read permission but without Deploy Now/Deploy permission to read deployment logs. | |||||
| CVE-2022-36892 | 1 Jenkins | 1 Rhnpush-plugin | 2023-11-22 | N/A | 4.3 MEDIUM |
| Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents. | |||||
| CVE-2022-36893 | 1 Jenkins | 1 Rpmsign-plugin | 2023-11-22 | N/A | 4.3 MEDIUM |
| Jenkins rpmsign-plugin Plugin 0.5.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents. | |||||
| CVE-2022-36910 | 1 Jenkins | 1 Lucene-search | 2023-11-22 | N/A | 5.4 MEDIUM |
| Jenkins Lucene-Search Plugin 370.v62a5f618cd3a and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to reindex the database and to obtain information about jobs otherwise inaccessible to them. | |||||
| CVE-2022-36888 | 1 Jenkins | 1 Hashicorp Vault | 2023-11-22 | N/A | 6.5 MEDIUM |
| A missing permission check in Jenkins HashiCorp Vault Plugin 354.vdb_858fd6b_f48 and earlier allows attackers with Overall/Read permission to obtain credentials stored in Vault with attacker-specified path and keys. | |||||
| CVE-2022-34798 | 1 Jenkins | 1 Deployment Dashboard | 2023-11-22 | 3.5 LOW | 4.3 MEDIUM |
| Jenkins Deployment Dashboard Plugin 1.0.10 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials. | |||||
| CVE-2022-34810 | 1 Jenkins | 1 Rqm | 2023-11-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| A missing check in Jenkins RQM Plugin 2.8 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | |||||
| CVE-2022-34813 | 1 Jenkins | 1 Xpath Configuration Viewer | 2023-11-22 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to create and delete XPath expressions. | |||||
| CVE-2022-34811 | 1 Jenkins | 1 Xpath Configuration Viewer | 2023-11-22 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to access the XPath Configuration Viewer page. | |||||
| CVE-2022-34818 | 1 Jenkins | 1 Failed Job Deactivator | 2023-11-22 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs. | |||||
| CVE-2022-34796 | 1 Jenkins | 1 Deployment Dashboard | 2023-11-22 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Deployment Dashboard Plugin 1.0.10 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | |||||
| CVE-2022-43431 | 1 Jenkins | 1 Compuware Strobe Measurement | 2023-11-22 | N/A | 4.3 MEDIUM |
| Jenkins Compuware Strobe Measurement Plugin 1.0.1 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | |||||
| CVE-2023-30586 | 1 Nodejs | 1 Node.js | 2023-11-17 | N/A | 7.5 HIGH |
| A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine() API can be used to bypass the permission model when called with a compatible OpenSSL engine. The OpenSSL engine can, for example, disable the permission model in the host process by manipulating the process's stack memory to locate the permission model Permission::enabled_ in the host process's heap memory. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | |||||
| CVE-2022-28139 | 1 Jenkins | 1 Rocketchat Notifier | 2023-11-17 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. | |||||
| CVE-2022-28147 | 1 Jenkins | 1 Continuous Integration With Toad Edge | 2023-11-17 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | |||||
| CVE-2022-28144 | 1 Jenkins | 1 Proxmox | 2023-11-17 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Proxmox Plugin 0.7.0 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified host using attacker-specified username and password (perform a connection test), disable SSL/TLS validation for the entire Jenkins controller JVM as part of the connection test (see CVE-2022-28142), and test a rollback with attacker-specified parameters. | |||||
| CVE-2023-6001 | 1 Yugabyte | 1 Yugabytedb | 2023-11-16 | N/A | 7.5 HIGH |
| Prometheus metrics are available without authentication. These expose detailed and sensitive information about the YugabyteDB Anywhere environment. | |||||
| CVE-2023-43885 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2023-11-16 | N/A | 8.1 HIGH |
| Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device. | |||||
| CVE-2020-7343 | 1 Mcafee | 1 Agent | 2023-11-16 | 2.1 LOW | 5.5 MEDIUM |
| Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files. | |||||
| CVE-2021-39231 | 1 Apache | 1 Ozone | 2023-11-15 | 6.4 MEDIUM | 9.1 CRITICAL |
| In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone manager and modify Ratis replication configuration. | |||||
| CVE-2022-3007 | 1 Syska | 2 Sw100 Smartwatch, Sw100 Smartwatch Firmware | 2023-11-14 | N/A | 8.1 HIGH |
| The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update (DFU) which is used for performing Over-The-Air (OTA) firmware updates on the Bluetooth Low Energy (BLE) devices. An unauthenticated attacker could exploit this vulnerability by setting arbitrary values to handle on the vulnerable device over Bluetooth. Successful exploitation of this vulnerability could allow the attacker to perform firmware update, device reboot or data manipulation on the target device. | |||||
| CVE-2023-5506 | 1 Imagemapper Project | 1 Imagemapper | 2023-11-14 | N/A | 4.3 MEDIUM |
| The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'imgmap_delete_area_ajax' function in versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary posts and pages. | |||||
| CVE-2020-35745 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 6.5 MEDIUM | 8.8 HIGH |
| PHPGURUKUL Hospital Management System V 4.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, doctors, patients, change admin password, get appointment history and access all session logs. | |||||
| CVE-2020-22176 | 1 Phpgurukul | 1 Hospital Management System | 2023-11-14 | 5.0 MEDIUM | 7.5 HIGH |
| PHPGurukul Hospital Management System in PHP v4.0 has a sensitive information disclosure vulnerability in multiple areas. Remote unauthenticated users can exploit the vulnerability to obtain user sensitive information. | |||||
| CVE-2023-5454 | 1 Templately | 1 Templately | 2023-11-14 | N/A | 7.5 HIGH |
| The Templately WordPress plugin before 2.2.6 does not properly authorize the `saved-templates/delete` REST API call, allowing unauthenticated users to delete arbitrary posts. | |||||
| CVE-2023-26035 | 1 Zoneminder | 1 Zoneminder | 2023-11-14 | N/A | 9.8 CRITICAL |
| ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33. | |||||
| CVE-2022-41246 | 1 Jenkins | 1 Worksoft Execution Manager | 2023-11-13 | N/A | 6.5 MEDIUM |
| A missing permission check in Jenkins Worksoft Execution Manager Plugin 10.0.3.503 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2022-43421 | 1 Jenkins | 1 Tuleap Git Branch Source | 2023-11-13 | N/A | 5.3 MEDIUM |
| A missing permission check in Jenkins Tuleap Git Branch Source Plugin 3.2.4 and earlier allows unauthenticated attackers to trigger Tuleap projects whose configured repository matches the attacker-specified value. | |||||
| CVE-2022-45385 | 1 Jenkins | 1 Cloudbees Docker Hub\/registry Notification | 2023-11-13 | N/A | 7.5 HIGH |
| A missing permission check in Jenkins CloudBees Docker Hub/Registry Notification Plugin 2.6.2 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository. | |||||
| CVE-2023-46352 | 1 Smartmodules | 1 Facebookconversiontrackingplus | 2023-11-10 | N/A | 7.5 HIGH |
| In the module "Pixel Plus: Events + CAPI + Pixel Catalog for Facebook Module" (facebookconversiontrackingplus) up to version 2.4.9 from Smart Modules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from the module which can lead to a leak of personal information from ps_customer table such as name / surname / email. | |||||
| CVE-2023-43194 | 1 Rcos | 1 Submitty | 2023-11-10 | N/A | 5.3 MEDIUM |
| Submitty before v22.06.00 is vulnerable to Incorrect Access Control. An attacker can delete any post in the forum by modifying request parameter. | |||||
| CVE-2023-36621 | 1 Nationaledtech | 1 Boomerang | 2023-11-09 | N/A | 9.1 CRITICAL |
| An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing. | |||||
| CVE-2020-23793 | 1 Spice-space | 1 Spice-server | 2023-08-26 | N/A | 8.6 HIGH |
| An issue was discovered in spice-server spice-server-0.14.0-6.el7_6.1.x86_64 of Redhat's VDI product. There is a security vulnerablility that can restart KVMvirtual machine without any authorization. It is not yet known if there will be other other effects. | |||||
| CVE-2023-4434 | 1 Hamza417 | 1 Inure | 2023-08-25 | N/A | 6.1 MEDIUM |
| Missing Authorization in GitHub repository hamza417/inure prior to build88. | |||||
| CVE-2023-38508 | 2023-08-25 | N/A | N/A | ||
| Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 14.11.99.28 and Tuleap Enterprise Edition prior to versions 14.10-6 and 14.11-3, the preview of an artifact link with a type does not respect the project, tracker and artifact level permissions. The issue occurs on the artifact view (not reproducible on the artifact modal). Users might get access to information they should not have access to. Only the title, status, assigned to and last update date fields as defined by the semantics are impacted. If those fields have strict permissions (e.g. the title is only visible to a specific user group) those permissions are still enforced. Tuleap Community Edition 14.11.99.28, Tuleap Enterprise Edition 14.10-6, and Tuleap Enterprise Edition 14.11-3 contain a fix for this issue. | |||||
| CVE-2023-4302 | 1 Jenkins | 1 Fortify | 2023-08-24 | N/A | 4.3 MEDIUM |
| A missing permission check in Jenkins Fortify Plugin 22.1.38 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2023-21134 | 1 Google | 1 Android | 2023-08-24 | N/A | 6.8 MEDIUM |
| In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21140 | 1 Google | 1 Android | 2023-08-24 | N/A | 6.8 MEDIUM |
| In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21132 | 1 Google | 1 Android | 2023-08-24 | N/A | 6.8 MEDIUM |
| In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||