Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
workspaces vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-43432
Jenkins XFramium Builder Plugin 1.0.22 and previous versions programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
Jenkins Xframium Builder
NA
CVE-2022-43435
Jenkins 360 FireLine Plugin 1.7.2 and previous versions programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
Jenkins 360 Fireline
312
VMScore
CVE-2020-2214
Jenkins ZAP Pipeline Plugin 1.9 and previous versions programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
Jenkins Zap Pipeline
NA
CVE-2022-43434
Jenkins NeuVector Vulnerability Scanner Plugin 1.20 and previous versions programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
Jenkins Neuvector Vulnerability Scanner
605
VMScore
CVE-2019-18397
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi up to and including 1.0.7 allows an malicious user to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this ...
Gnu Fribidi
Debian Debian Linux 10.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2024-23905
Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and previous versions programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
Jenkins Red Hat Dependency Analytics
356
VMScore
CVE-2016-5462
Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote administrators to affect confidentiality via vectors related to Workspaces.
Oracle Siebel Core-server Framework 8.2.2
Oracle Siebel Core-server Framework 2014
Oracle Siebel Core-server Framework 8.1.1
Oracle Siebel Core-server Framework 2015
Oracle Siebel Core-server Framework 2016
NA
CVE-2022-41708
Relatedcode's Messenger version 7bcd20b allows an authenticated external malicious user to access existing chats in the workspaces of any user of the application. This is possible because the application does not validate permissions correctly.
Relatedcode Messenger -
NA
CVE-2024-32467
MeterSphere is an open source continuous testing platform. Prior to version 2.10.14-lts, members without space permissions can view member information from other workspaces beyond their authority. Version 2.10.14-lts fixes this issue.
2 Github repositories
312
VMScore
CVE-2015-7536
Cross-site scripting (XSS) vulnerability in Jenkins prior to 1.640 and LTS prior to 1.625.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to workspaces and archived artifacts.
Jenkins Jenkins
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »