Jenkins BigPanda Notifier Plugin Missing Password Field Masking

Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it.Read More ...

Continue Reading

CVSS3 - MEDIUM

Jenkins Anchore Container Image Scanner Plugin vulnerable to cross site scripting

Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable ...

Continue Reading

CVSS3 - MEDIUM

Exploit for Vulnerability in Microsoft

# CVE-2022-26809-POC metasploit module for CVE-2022-26809 window...Read More ...

Continue Reading

CVSS3 - CRITICAL

CVSS2 - HIGH

Jenkins BigPanda Notifier Plugin Missing Password Field Masking

Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it.Read More ...

Continue Reading

CVSS3 - MEDIUM

Jenkins Anchore Container Image Scanner Plugin vulnerable to cross site scripting

Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable ...

Continue Reading

CVSS3 - MEDIUM

SUSE SLES15 Security Update : kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container (SUSE-SU-2022:3333-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3333-1 advisory. - A path traversal vulnerability in KubeVirt ...

Continue Reading
Exploit for Command Injection in Atlassian Bitbucket

# CVE-2022-36804-POC A critical vulnerability (CVE-2022-36804) i...Read More ...

Continue Reading

CVSS3 - HIGH

CVE-2022-39230

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Continue Reading

Back to Main

Subscribe for the latest news: