3 results (0.005 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

A cross-site request forgery (CSRF) vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags. • http://www.openwall.com/lists/oss-security/2023/07/26/2 https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-3095 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117. Bazaar hasta la versión 2.7.0, cuando se utiliza un subproceso SSH, perote que atacantes remotos ejecuten comandos arbitrarios mediante una URL bzr+ssh con un carácter guión inicial en el nombre del host. Esta vulnerabilidad está relacionada con CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116 y CVE-2017-1000117. • http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-14176.html http://www.ubuntu.com/usn/usn-3411-1 https://bugs.debian.org/874429 https://bugs.launchpad.net/bzr/+bug/1710979 https://bugzilla.redhat.com/show_bug.cgi?id=1486685 https://bugzilla.suse.com/show_bug.cgi?id=1058214 https://www.debian.org/security/2017/dsa-4052 •

CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 0

Unspecified vulnerability in WebUI in ADempiere Bazaar before 3.3 beta Victoria edition allows remote attackers to access system-level windows via unspecified vectors. Vulnerabilidad no especificada en WebUI en ADempiere Bazaar before 3.3 beta edición Victoria permite a atacantes remotos acceder al nivel de sistema windows a través de vectores no especificados. • http://adempiere.com/wiki/index.php/Release_330 http://osvdb.org/38691 http://secunia.com/advisories/26247 http://sourceforge.net/forum/forum.php?forum_id=719716 http://sourceforge.net/tracker/index.php?func=detail&aid=1745703&group_id=176962&atid=879332 http://sourceforge.net/tracker/index.php?func=detail&aid=1745707&group_id=176962&atid=879334 http://www.securityfocus.com/bid/25091 http://www.vupen.com/english/advisories/2007/2691 https://exchange.xforce.ibmcloud.com/vulnerabilities&# •