NotCVE - vendor:"Jenkins" product:"Jenkins" version:"1.426"

Page 23 of 233 results (0.005 seconds)

CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2014-2067

https://notcve.org/view.php?id=CVE-2014-2067

28 Feb 2014 — Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to inject arbitrary web script or HTML via a "remote cause note." Vulnerabilidad de XSS en java/hudson/model/Cause.java en Jenkins en versiones anteriores a 1.551 y LTS en versiones anteriores a 1.532.2 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de una "nota de causa remota". • http://seclists.org/oss-sec/2014/q1/421 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2013-0327 – jenkins: cross-site request forgery (CSRF) on Jenkins master

https://notcve.org/view.php?id=CVE-2013-0327

12 Mar 2013 — Cross-site request forgery (CSRF) vulnerability in Jenkins master in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to hijack the authentication of users via unknown vectors. Vulnerabilidad de CSRF en el maestro de Jenkins en Jenkins en versiones anteriores a 1.502 y LTS en versiones anteriores a 1.480.3 permite a atacantes remotos secuestra la autenticación de usuarios a través de vectores desconocidos. OpenShift Enterprise is a cloud computing Platform-as-a-Service solution from Red H... • http://rhn.redhat.com/errata/RHSA-2013-0638.html • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2013-0330 – jenkins: cause building jobs without direct access

https://notcve.org/view.php?id=CVE-2013-0330

12 Mar 2013 — Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors. Vulnerabilidad no especificada en Jenkins en versiones anteriores a 1.502 y LTS en versiones anteriores a 1.480.3 permite a usuarios remotos autenticados con acceso de escritura construir trabajos arbitrarios a través de vectores de ataque desconocidos. OpenShift Enterprise is a cloud computing Platform-as-a-Service solution from Red... • http://rhn.redhat.com/errata/RHSA-2013-0638.html •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2013-0329 – jenkins: cross-site request forgery (CSRF) protection mechanism bypass

https://notcve.org/view.php?id=CVE-2013-0329

12 Mar 2013 — Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors. Vulnerabilidad no especificada en Jenkins en versiones anteriores a 1.502 y LTS en versiones anteriores a 1.480.3 permite a atacantes remotos eludir el mecanismo de protección CSRF a través de vectores de ataque desconocidos. OpenShift Enterprise is a cloud computing Platform-as-a-Service solution from Red Hat, and is designed for on-premise or ... • http://rhn.redhat.com/errata/RHSA-2013-0638.html • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

CVE-2013-0328 – jenkins: XSS

https://notcve.org/view.php?id=CVE-2013-0328

12 Mar 2013 — Cross-site scripting (XSS) vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Jenkins en versiones anteriores a 1.502 y LTS en versiones anteriores a 1.480.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. OpenShift Enterprise is a cloud computing Platform-as-a-Service solution from Red Hat, and is designed for on... • http://rhn.redhat.com/errata/RHSA-2013-0638.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2013-0331 – jenkins: denial of service attack by feeding a carefully crafted payload to Jenkins

https://notcve.org/view.php?id=CVE-2013-0331

12 Mar 2013 — Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload. Jenkins en versiones anteriores a 1.502 y LTS en versiones anteriores a 1.480.3 permite a usuarios remotos autenticados con acceso de escritura provocar una denegación de servicio a través de un payload manipulado. OpenShift Enterprise is a cloud computing Platform-as-a-Service solution from Red Hat, and is designed for on-premise or private cloud deployments. A... • http://rhn.redhat.com/errata/RHSA-2013-0638.html • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 0%CPEs: 60EXPL: 0

CVE-2013-0158 – jenkins: remote unauthenticated retrieval of master cryptographic key (Jenkins Security Advisory 2013-01-04)

https://notcve.org/view.php?id=CVE-2013-0158

01 Feb 2013 — Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors. Vulnerabilidad no especificada en Jenkins en versiones anteriores a 1.498, Jenkins LTS en versiones anteriores a 1.480.2 y Jenkins Enterprise 1.447.x en versiones anteriores a 1.447.6.1 y 1.466.x en versione... • http://rhn.redhat.com/errata/RHSA-2013-0220.html •

CVSS: 6.1EPSS: 0%CPEs: 68EXPL: 0

CVE-2012-6073 – Jenkins: open redirect

https://notcve.org/view.php?id=CVE-2012-6073

01 Feb 2013 — Open redirect vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección abierta en Jenkins en versiones anteriores a 1.491, Jenkins LTS en versiones anteriores a 1.480.1 y Jenkins Enterprise 1.424.x en versiones anteriores a 1.424.6.13, 1.447.x en ... • http://rhn.redhat.com/errata/RHSA-2013-0220.html • CWE-20: Improper Input Validation •

CVSS: 5.4EPSS: 0%CPEs: 68EXPL: 0

CVE-2012-6074 – Jenkins: cross-site scripting vulnerability

https://notcve.org/view.php?id=CVE-2012-6074

01 Feb 2013 — Cross-site scripting (XSS) vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote authenticated users with write access to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Jenkins en versiones anteriores a 1.491, Jenkins LTS en versiones anteriores a 1.480.1 y Jenkins Enterprise 1.424.x en versiones anteriores a 1.424.6.13, 1.447.x en versio... • http://rhn.redhat.com/errata/RHSA-2013-0220.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 68EXPL: 0

CVE-2012-6072 – Jenkins: HTTP response splitting

https://notcve.org/view.php?id=CVE-2012-6072

01 Feb 2013 — CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Vulnerabilidad de inyección CRLF en Jenkins en versiones anteriores a 1.491, Jenkins LTS en versiones anteriores a 1.480.1 y Jenkins Enterprise 1.424.x en versiones anteriores a 1.424.6.13, 1.447.x ... • http://rhn.redhat.com/errata/RHSA-2013-0220.html • CWE-20: Improper Input Validation •

1...21 22 23 24