CVE-2022-2550

OS Command Injection in GitHub repository hestiacp/hestiacp prior to 1.6.5.Read More ...

Continue Reading

July 27, 2022

CVE-2022-36904

Jenkins Repository Connector Plugin 2.2.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the exi ...

Continue Reading

July 27, 2022

CVE-2022-36896

A missing permission check in Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of ...

Continue Reading

July 27, 2022

CVE-2022-36906

A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and ...

Continue Reading

July 27, 2022

CVE-2022-36901

Jenkins HTTP Request Plugin 1.15 and earlier stores HTTP Request passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the J ...

Continue Reading

July 27, 2022

CVE-2022-36907

A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified usernam ...

Continue Reading

July 27, 2022

CVE-2022-36909

A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jen ...

Continue Reading

July 27, 2022

CVE-2022-36890

Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the name of files in methods implementing form validation, allowing attackers with Item/Read permission to check for th ...

Continue Reading

July 27, 2022

1 199,223 199,224 199,225 199,226 199,227 204,540

Back to Main
Subscribe for the latest news: