Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-10332 | 1 Jenkins | 1 Electricflow | 2020-10-01 | 4.3 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins ElectricFlow Plugin 1.1.5 and earlier in Configuration#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials. | |||||
| CVE-2019-10342 | 1 Jenkins | 1 Docker | 2020-10-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in various 'fillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. | |||||
| CVE-2019-10279 | 1 Jenkins | 1 Jenkins-reviewbot | 2020-10-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| A missing permission check in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptor#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server. | |||||
| CVE-2019-10301 | 1 Jenkins | 1 Gitlab | 2020-10-01 | 4.0 MEDIUM | 8.8 HIGH |
| A missing permission check in Jenkins GitLab Plugin 1.5.11 and earlier in the GitLabConnectionConfig#doTestConnection form validation method allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2019-10339 | 1 Jenkins | 1 Jx Resources | 2020-10-01 | 4.0 MEDIUM | 8.8 HIGH |
| A missing permission check in Jenkins JX Resources Plugin 1.0.36 and earlier in GlobalPluginConfiguration#doValidateClient allowed users with Overall/Read access to have Jenkins connect to an attacker-specified Kubernetes server, potentially leaking credentials. | |||||
| CVE-2019-10293 | 1 Jenkins | 1 Kmap | 2020-10-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| A missing permission check in Jenkins Kmap Plugin in KmapJenkinsBuilder.DescriptorImpl form validation methods allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server. | |||||
| CVE-2020-3124 | 1 Cisco | 1 Hosted Collaboration Mediation Fulfillment | 2020-10-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based interface of Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections by the affected software. An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link. A successful exploit could allow the attacker to send arbitrary requests that could change the password of a targeted user. An attacker could then take unauthorized actions on behalf of the targeted user. | |||||
| CVE-2019-10313 | 1 Jenkins | 1 Twitter | 2020-10-01 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Twitter Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-10348 | 1 Jenkins | 1 Gogs | 2020-10-01 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Gogs Plugin stored credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-10366 | 1 Jenkins | 1 Skytap Cloud Ci | 2020-10-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-10369 | 1 Jenkins | 1 Jclouds | 2020-10-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| A missing permission check in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpl#doTestConnection and JCloudsCloud.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2019-10385 | 1 Jenkins | 1 Eggplant | 2020-10-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins eggPlant Plugin 2.2 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2020-16171 | 1 Acronis | 1 Cyber Backup | 2020-10-01 | 6.4 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct SSRF attacks against otherwise unreachable Acronis services that are bound to localhost such as the NotificationService on 127.0.0.1:30572. | |||||
| CVE-2019-10378 | 1 Jenkins | 1 Testlink | 2020-10-01 | 2.1 LOW | 5.3 MEDIUM |
| Jenkins TestLink Plugin 3.16 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-10380 | 1 Jenkins | 1 Simple Travis Pipeline Runner | 2020-10-01 | 6.5 MEDIUM | 8.8 HIGH |
| Jenkins Simple Travis Pipeline Runner Plugin 1.0 and earlier specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute arbitrary code. | |||||
| CVE-2019-10389 | 1 Jenkins | 1 Relution Enterprise Appstore Publisher | 2020-10-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Relution Enterprise Appstore Publisher Plugin 1.24 and earlier allows attackers to have Jenkins initiate an HTTP connection to an attacker-specified server. | |||||
| CVE-2019-10409 | 1 Jenkins | 1 Project Inheritance | 2020-10-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Project Inheritance Plugin 2.0.0 and earlier allowed attackers with Overall/Read permission to trigger project generation from templates. | |||||
| CVE-2020-4315 | 1 Ibm | 1 Business Automation Content Analyzer On Cloud | 2020-10-01 | 4.3 MEDIUM | 4.3 MEDIUM |
| IBM Business Automation Content Analyzer on Cloud 1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 177234. | |||||
| CVE-2019-10455 | 1 Jenkins | 1 Rundeck | 2020-10-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Rundeck Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. | |||||
| CVE-2019-10457 | 1 Jenkins | 1 Oracle Cloud Infrastructure Compute Classic | 2020-10-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. | |||||
| CVE-2020-3117 | 1 Cisco | 2 Content Security Management Appliance, Web Security Appliance | 2020-10-01 | 4.3 MEDIUM | 4.7 MEDIUM |
| A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user to access a crafted URL and receive a malicious HTTP response. A successful exploit could allow the attacker to inject arbitrary HTTP headers into valid HTTP responses sent to a user's browser. | |||||
| CVE-2019-1983 | 1 Cisco | 3 Asyncos, Content Security Management Appliance, Email Security Appliance | 2020-10-01 | 7.8 HIGH | 5.3 MEDIUM |
| A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the affected devices, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of email attachments. An attacker could exploit this vulnerability by sending an email message with a crafted attachment through an affected device. A successful exploit could allow the attacker to cause specific processes to crash repeatedly, resulting in the complete unavailability of both the Cisco Advanced Malware Protection (AMP) and message tracking features and in severe performance degradation while processing email. After the affected processes restart, the software resumes filtering for the same attachment, causing the affected processes to crash and restart again. A successful exploit could also allow the attacker to cause a repeated DoS condition. Manual intervention may be required to recover from this situation. | |||||
| CVE-2019-1947 | 1 Cisco | 2 Asyncos, Email Security Appliance | 2020-10-01 | 7.8 HIGH | 8.6 HIGH |
| A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of email messages that contain large attachments. An attacker could exploit this vulnerability by sending a malicious email message through the targeted device. A successful exploit could allow the attacker to cause a permanent DoS condition due to high CPU utilization. This vulnerability may require manual intervention to recover the ESA. | |||||
| CVE-2019-10445 | 1 Jenkins | 1 Google Kubernetes Engine | 2020-10-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed attackers with Overall/Read permission to obtain limited information about the scope of a credential with an attacker-specified credentials ID. | |||||
| CVE-2019-10442 | 1 Jenkins | 1 Icescrum | 2020-10-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins iceScrum Plugin 1.1.5 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. | |||||
| CVE-2019-10439 | 1 Jenkins | 1 Crx Content Package Deployer | 2020-10-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier in various 'doFillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. | |||||
| CVE-2019-10438 | 1 Jenkins | 1 Crx Content Package Deployer | 2020-10-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2020-25221 | 1 Linux | 1 Linux Kernel | 2020-10-01 | 7.2 HIGH | 7.8 HIGH |
| get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit process that can use ptrace() or process_vm_readv(), aka CID-9fa2dd946743. | |||||
| CVE-2019-10284 | 1 Jenkins | 1 Diawi Upload | 2020-10-01 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-15969 | 1 Cisco | 1 Web Security Appliance | 2020-10-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script or HTML code in the context of the interface, which could allow the attacker to gain access to sensitive, browser-based information. | |||||
| CVE-2019-10285 | 1 Jenkins | 1 Minio Storage | 2020-10-01 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Minio Storage Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2020-8253 | 1 Citrix | 1 Xenmobile Server | 2020-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| Improper authentication in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 leads to the ability to access sensitive files. | |||||
| CVE-2019-10286 | 1 Jenkins | 1 Deployhub | 2020-10-01 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-10287 | 1 Jenkins | 1 Youtrack-plugin | 2020-10-01 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins youtrack-plugin Plugin 0.7.1 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | |||||
| CVE-2019-10288 | 1 Jenkins | 1 Jabber Server | 2020-10-01 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Jabber Server Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-10283 | 1 Jenkins | 1 Mabl | 2020-10-01 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins mabl Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-10712 | 1 Wago | 32 750-330, 750-330 Firmware, 750-352 and 29 more | 2020-10-01 | 7.5 HIGH | 9.8 CRITICAL |
| The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access. | |||||
| CVE-2019-9658 | 3 Checkstyle, Debian, Fedoraproject | 3 Checkstyle, Debian Linux, Fedora | 2020-10-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| Checkstyle before 8.18 loads external DTDs by default. | |||||
| CVE-2020-12816 | 1 Fortinet | 1 Fortinac | 2020-09-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| An improper neutralization of input vulnerability in FortiNAC before 8.7.2 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users. | |||||
| CVE-2020-24371 | 1 Lua | 1 Lua | 2020-09-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage. | |||||
| CVE-2019-19948 | 1 Imagemagick | 1 Imagemagick | 2020-09-30 | 7.5 HIGH | 9.8 CRITICAL |
| In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. | |||||
| CVE-2019-19949 | 3 Debian, Imagemagick, Opensuse | 3 Debian Linux, Imagemagick, Leap | 2020-09-30 | 6.4 MEDIUM | 9.1 CRITICAL |
| In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. | |||||
| CVE-2020-25726 | 2020-09-30 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2019-10177 | 1 Redhat | 1 Cloudforms Management Engine | 2020-09-30 | 6.0 MEDIUM | 6.5 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability was found in the PDF export component of CloudForms, versions 5.9 and 5.10, due to user input is not properly sanitized. An attacker with least privilege to edit compute is able to execute a XSS attack against other users, which could lead to malicious code execution and extraction of the anti-CSRF token of higher privileged users. | |||||
| CVE-2020-7945 | 1 Puppet | 1 Continuous Delivery | 2020-09-30 | 2.1 LOW | 5.5 MEDIUM |
| Local registry credentials were included directly in the CD4PE deployment definition, which could expose these credentials to users who should not have access to them. This is resolved in Continuous Delivery for Puppet Enterprise 4.0.1. | |||||
| CVE-2020-13991 | 1 Jerryscript | 1 Jerryscript | 2020-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register. | |||||
| CVE-2020-25515 | 1 Simple Library Management System Project | 1 Simple Library Management System | 2020-09-30 | 4.6 MEDIUM | 7.8 HIGH |
| Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books. | |||||
| CVE-2020-12811 | 1 Fortinet | 2 Fortianalyzer, Fortimanager | 2020-09-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting (XSS) via the Identify Provider name field. | |||||
| CVE-2020-3433 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2020-09-30 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. | |||||
| CVE-2020-3476 | 1 Cisco | 1 Ios | 2020-09-30 | 3.6 LOW | 6.0 MEDIUM |
| A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of any arbitrary file that resides on the underlying host file system. | |||||