Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle communications cloud native core automated test suite 1.9.0 vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2018-1000194
A path traversal vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in FilePath.java, SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection.
Jenkins Jenkins
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
9.8
CVSSv3
CVE-2017-1000353
Jenkins versions 2.56 and previous versions as well as 2.46.1 LTS and previous versions are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed malicious users to transfer a serialized Java `SignedObject` object t...
Jenkins Jenkins
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
1 EDB exploit
5 Github repositories
1 Article
4.3
CVSSv3
CVE-2018-1000192
A information exposure vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in AboutJenkins.java, ListPluginsCommand.java that allows users with Overall/Read access to enumerate all installed plugins.
Jenkins Jenkins
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
4.3
CVSSv3
CVE-2018-1000195
A server-side request forgery vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in ZipExtractionInstaller.java that allows users with Overall/Read permission to have Jenkins submit a HTTP GET request to an arbitrary URL and learn whether the response is succe...
Jenkins Jenkins
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
6.5
CVSSv3
CVE-2018-6356
Jenkins prior to 2.107 and Jenkins LTS prior to 2.89.4 did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Overall/Read permission to download files from the Jenkins master they should n...
Jenkins Jenkins
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
5.4
CVSSv3
CVE-2022-20615
Jenkins Matrix Project Plugin 1.19 and previous versions does not escape HTML metacharacters in node and label names, and label descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission.
Jenkins Matrix Project
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
4.3
CVSSv3
CVE-2022-20613
A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and previous versions allows malicious users to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.
Jenkins Mailer 391.ve4a 38c1b Cf4b
Jenkins Mailer
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
4.3
CVSSv3
CVE-2022-20614
A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and previous versions allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.
Jenkins Mailer 391.ve4a 38c1b Cf4b
Jenkins Mailer
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
8.1
CVSSv3
CVE-2019-1003049
Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and previous versions and Jenkins LTS 2.164.1 and previous versions, because the fix for CVE-2019-1003004 in these releases d...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
5.4
CVSSv3
CVE-2019-1003050
The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and previous versions and Jenkins LTS 2.164.1 and previous versions, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job...
Jenkins Jenkins
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
Redhat Openshift Container Platform 3.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »