Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
workspaces vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2022-43433
Jenkins ScreenRecorder Plugin 0.7 and previous versions programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
Jenkins Screenrecorder
8.1
CVSSv3
CVE-2022-1805
When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. Th...
Teradici Tera2 Pcoip Zero Client Firmware 22.04
Teradici Tera2 Pcoip Zero Client Firmware
7.5
CVSSv3
CVE-2022-29244
npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (ie. `--workspaces`, `--workspace=<name>`). Anyone who has run `npm pack` or `npm publish` inside a workspace, as of v7.9.0 and v7.13.0 respectiv...
Npmjs Npm
Netapp Ontap Select Deploy Administration Utility -
8.8
CVSSv3
CVE-2021-43637
Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local malicious users to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted...
Amazon Workspaces
8.8
CVSSv3
CVE-2021-43638
Amazon Amazon WorkSpaces agent is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local malicious users to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially...
Amazon Workspaces
8.8
CVSSv3
CVE-2021-38112
In the Amazon AWS WorkSpaces client 3.0.10 up to and including 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. This is fixed in 3.1.9.
Amazon Aws Workspaces
3 Github repositories
7.8
CVSSv3
CVE-2021-34528
Visual Studio Code Remote Code Execution Vulnerability
Microsoft Visual Studio Code
5.3
CVSSv3
CVE-2020-13667
Access bypass vulnerability in of Drupal Core Workspaces allows an malicious user to access data without correct permissions. The Workspaces module doesn't sufficiently check access permissions when switching workspaces, leading to an access bypass vulnerability. An attacker...
Drupal Drupal
8.8
CVSSv3
CVE-2021-22155
An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry Workspaces Server (deployed with Appliance-X) version(s) 10.1, 9.1 and previous versions could allow an malicious user to potentially gain access to the application in the context of the tar...
Blackberry Workspaces Server 10.1
Blackberry Workspaces Server
5.3
CVSSv3
CVE-2021-21615
Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition.
Jenkins Jenkins
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »