|
248281
|
5.6 |
MEDIUM
Network
|
jenkins
|
ansible
|
A man in the middle vulnerability exists in Jenkins Ansible Plugin 0.8 and older in AbstractAnsibleInvocation.java, AnsibleAdHocCommandBuilder.java, AnsibleAdHocCommandInvocationTest.java, AnsibleCon…
|
NVD-CWE-noinfo
|
CVE-2018-1000149
|
2024-11-21 12:39 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248282
|
6.5 |
MEDIUM
Network
|
jenkins
|
copy_to_slave
|
An exposure of sensitive information vulnerability exists in Jenkins Copy To Slave Plugin version 1.4.4 and older in CopyToSlaveBuildWrapper.java that allows attackers with permission to configure jo…
|
CWE-200
Information Exposure
|
CVE-2018-1000148
|
2024-11-21 12:39 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248283
|
6.5 |
MEDIUM
Network
|
perforce
|
perforce
|
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to o…
|
CWE-200
Information Exposure
|
CVE-2018-1000147
|
2024-11-21 12:39 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248284
|
8.8 |
HIGH
Network
|
jenkins
|
liquibase_runner
|
An arbitrary code execution vulnerability exists in Liquibase Runner Plugin version 1.3.0 and older that allows an attacker with permission to configure jobs to load and execute arbitrary code on the…
|
NVD-CWE-noinfo
|
CVE-2018-1000146
|
2024-11-21 12:39 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248285
|
6.5 |
MEDIUM
Network
|
jenkins
|
perforce
|
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to …
|
CWE-200
Information Exposure
|
CVE-2018-1000145
|
2024-11-21 12:39 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248286
|
6.1 |
MEDIUM
Network
|
jenkins
|
cucumber_living_documentation
|
A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseAction#doDynamic that disables the Content-Security-Policy protection for…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000144
|
2024-11-21 12:39 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248287
|
6.7 |
MEDIUM
Local
|
jenkins
|
github_pull_request_builder
|
An exposure of sensitive information vulnerability exists in Jenkins GitHub Pull Request Builder Plugin version 1.39.0 and older in GhprbCause.java that allows an attacker with local file system acce…
|
CWE-200
Information Exposure
|
CVE-2018-1000143
|
2024-11-21 12:39 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248288
|
7.8 |
HIGH
Local
|
jenkins
|
github_pull_request_builder
|
An exposure of sensitive information vulnerability exists in Jenkins GitHub Pull Request Builder Plugin version 1.39.0 and older in GhprbCause.java that allows an attacker with local file system acce…
|
CWE-200
Information Exposure
|
CVE-2018-1000142
|
2024-11-21 12:39 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248289
|
8.8 |
HIGH
Network
|
microsoft
|
security_essentials
exchange_server
forefront_endpoint_protection_2010
intune_endpoint_protection
system_center_endpoint_protection
windows_defender
|
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protect…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-0986
|
2024-11-21 12:39 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248290
|
9.1 |
CRITICAL
Network
|
i-librarian
|
i_librarian
|
I, Librarian version 4.9 and earlier contains an Incorrect Access Control vulnerability in ajaxdiscussion.php that can result in any users gaining unauthorized access (read, write and delete) to proj…
|
CWE-269
Improper Privilege Management
|
CVE-2018-1000141
|
2024-11-21 12:39 |
2018-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
