VYPR

CVEs

100,082 total · page 1619 of 2,002

  • CVE-2019-10291HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.02

    Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.

  • CVE-2019-10288HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.02

    Jenkins Jabber Server Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-10287HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.02

    Jenkins youtrack-plugin Plugin 0.7.1 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.

  • CVE-2019-10286HigApr 4, 2019
    risk 0.50cvss 8.8epss 0.02

    Jenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-10285HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.02

    Jenkins Minio Storage Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-10284HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.02

    Jenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-10283HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.02

    Jenkins mabl Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-10282HigApr 4, 2019
    risk 0.50cvss 8.8epss 0.02

    Jenkins Klaros-Testmanagement Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-10281HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.02

    Jenkins Relution Enterprise Appstore Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-10280HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.02

    Jenkins Assembla Auth Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-10277HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.02

    Jenkins StarTeam Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-1003075HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins Audit to Database Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003074HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins Hyper.sh Commons Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003073HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins VS Team Services Continuous Deployment Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-1003072HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins WildFly Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-1003071HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins OctopusDeploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003070HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins veracode-scanner Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003069HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins Aqua Security Scanner Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003068HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins VMware vRealize Automation Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-1003067HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins Trac Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-1003066HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins Bugzilla Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003065HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins CloudShare Docker-Machine Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003064HigApr 4, 2019
    risk 0.50cvss 8.8epss 0.01

    Jenkins aws-device-farm Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003063HigApr 4, 2019
    risk 0.50cvss 8.8epss 0.01

    Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003062HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003061HigApr 4, 2019
    risk 0.50cvss 8.8epss 0.01

    Jenkins jenkins-cloudformation-plugin Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-1003060HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins Official OWASP ZAP Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003057HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins Bitbucket Approve Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003056HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins WebSphere Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-1003055HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins FTP publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003054HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins Jira Issue Updater Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-1003053HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins HockeyApp Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

  • CVE-2019-1003052HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins AWS Elastic Beanstalk Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2019-1003051HigApr 4, 2019
    risk 0.57cvss 8.8epss 0.01

    Jenkins IRC Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

  • CVE-2018-19981HigApr 4, 2019
    risk 0.47cvss 7.2epss 0.02

    Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS Temporary Credentials retrieved by AWS Cognito Identity Service. An attacker can use these credentials to create authenticated and/or authorized requests. Note that the attacker must…

  • CVE-2018-13918HigApr 4, 2019
    risk 0.51cvss 7.8epss 0.00

    kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops normal operation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, in MDM9150,…

  • CVE-2018-11970HigApr 4, 2019
    risk 0.51cvss 7.8epss 0.00

    TZ App dynamic allocations not protected from XBL loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 636,…

  • CVE-2018-11966HigApr 4, 2019
    risk 0.51cvss 7.8epss 0.00

    Undefined behavior in UE while processing unknown IEI in OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU,…

  • CVE-2018-11830HigApr 4, 2019
    risk 0.51cvss 7.8epss 0.00

    Improper input validation in QCPE create function may lead to integer overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 410/12, SD 820A

  • CVE-2018-10242HigApr 4, 2019
    risk 0.49cvss 7.5epss 0.02

    Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c lacks a length check.

  • CVE-2015-5384HigApr 3, 2019
    risk 0.57cvss 8.8epss 0.01

    AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation attack.

  • CVE-2015-5606HigApr 3, 2019
    risk 0.49cvss 7.5epss 0.02

    Vordel XML Gateway (acquired by Axway) version 7.2.2 could allow remote attackers to cause a denial of service via a specially crafted request.

  • CVE-2019-10240HigApr 3, 2019
    risk 0.53cvss 8.1epss 0.00

    Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected.

  • CVE-2018-4465HigApr 3, 2019
    risk 0.51cvss 7.8epss 0.01

    A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.

  • CVE-2018-4464HigApr 3, 2019
    risk 0.57cvss 8.8epss 0.01

    Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.

  • CVE-2018-4463HigApr 3, 2019
    risk 0.51cvss 7.8epss 0.01

    A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.

  • CVE-2018-4461HigApr 3, 2019
    risk 0.51cvss 7.8epss 0.01

    A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.

  • CVE-2018-4456HigApr 3, 2019
    risk 0.51cvss 7.8epss 0.01

    A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14.

  • CVE-2018-4450HigApr 3, 2019
    risk 0.51cvss 7.8epss 0.01

    A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.

  • CVE-2018-4449HigApr 3, 2019
    risk 0.51cvss 7.8epss 0.01

    A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.