emlog 2.1.9 is vulnerable to arbitrary file deletion via admintemplate.php.
July 26, 2023
In JetBrains IntelliJ IDEA before 2023.2, the plugin for Space was requesting excessive permissions.
July 26, 2023
Always-incorrect control flow implementation in Jenkins Gradle Plugin 2.8 may result in credentials not being masked (i.e., replaced with asterisks) in the build log in some circumstances.
July 26, 2023
Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it.
July 26, 2023
Jenkins 2.415 and earlier, LTS 2.401.2 and earlier does not sanitize or properly encode URLs in build logs when transforming them into hyperlinks, resulting in a stored cross-site scripting (XSS) vuln ...
July 26, 2023
Interactive Forms (IAF) in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross-site scripting (XSS) attacks because the CSP header uses eval() in the script-src.
July 26, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands wi ...
July 26, 2023
Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of al ...
July 26, 2023