An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time.
Max CVSS
7.2
EPSS Score
0.26%
Published
2019-01-22
Updated
2023-10-25
An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts.
Max CVSS
7.2
EPSS Score
0.26%
Published
2019-01-22
Updated
2023-10-25

CVE-2019-1003002

Public exploit
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
Max CVSS
8.8
EPSS Score
79.65%
Published
2019-01-22
Updated
2023-10-25

CVE-2019-1003001

Public exploit
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
Max CVSS
8.8
EPSS Score
79.65%
Published
2019-01-22
Updated
2023-10-25

CVE-2019-1003000

Public exploit
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
Max CVSS
8.8
EPSS Score
83.65%
Published
2019-01-22
Updated
2023-10-25
An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to execute arbitrary OS commands via shell metacharacters in a crafted /HNAP1 request. This occurs when the GetNetworkTomographyResult function calls the system function with an untrusted input parameter named Address. Consequently, an attacker can execute any command remotely when they control this input.
Max CVSS
10.0
EPSS Score
71.58%
Published
2019-01-31
Updated
2023-04-26
typora through 0.9.64 has XSS, with resultant remote command execution, during inline rendering of a mathematical formula.
Max CVSS
6.1
EPSS Score
0.19%
Published
2019-01-31
Updated
2019-02-01
typora through 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula.
Max CVSS
6.1
EPSS Score
0.19%
Published
2019-01-31
Updated
2019-02-01
An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server (or Man-in-The-Middle attacker) can overwrite arbitrary files in a directory on the rcp client machine. This is similar to CVE-2019-6111.
Max CVSS
7.4
EPSS Score
0.10%
Published
2019-01-31
Updated
2021-11-23
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685.
Max CVSS
5.9
EPSS Score
0.30%
Published
2019-01-31
Updated
2022-04-22
An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code (via SCRIPT elements, event handlers, etc.). Since this code is stored by the plugin, the attacker may be able to target anyone who opens the configuration panel of the plugin.
Max CVSS
6.1
EPSS Score
0.09%
Published
2019-01-31
Updated
2019-02-01
In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn't have root access) to tamper with another's installs.
Max CVSS
9.8
EPSS Score
4.31%
Published
2019-01-31
Updated
2020-08-24
An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. editor/editor.admincp.php allows admincp.php?app=files&do=browse ..\ Directory Traversal.
Max CVSS
7.5
EPSS Score
0.90%
Published
2019-01-30
Updated
2019-01-31
An issue was discovered in idreamsoft iCMS 7.0.13. editor/editor.admincp.php allows admincp.php?app=editor&do=fileManager dir=../ Directory Traversal.
Max CVSS
7.5
EPSS Score
0.90%
Published
2019-01-30
Updated
2019-01-31
An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to designate an arbitrary directory because of an apps.admincp.php error. This directory can then be deleted via an admincp.php?app=apps&do=uninstall request.
Max CVSS
7.5
EPSS Score
0.11%
Published
2019-01-30
Updated
2019-02-01
An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to begin the process of creating a ZIP archive file with the complete contents of any directory because of an apps.admincp.php error. This ZIP archive file can then be downloaded via an admincp.php?app=apps&do=pack request.
Max CVSS
9.1
EPSS Score
0.45%
Published
2019-01-30
Updated
2019-02-05
In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference.
Max CVSS
8.8
EPSS Score
0.20%
Published
2019-01-30
Updated
2019-02-01
An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi has a filter bypass that allows a malicious user to upload any type of file by using % characters within the extension, e.g., file.%ph%p becomes file.php.
Max CVSS
7.8
EPSS Score
0.08%
Published
2019-01-31
Updated
2020-08-24
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4.
Max CVSS
4.8
EPSS Score
0.06%
Published
2019-01-29
Updated
2019-01-29
A stored-self XSS exists in ATutor through v2.2.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Real Name field to /mods/_core/users/admins/my_edit.php.
Max CVSS
6.1
EPSS Score
0.08%
Published
2019-01-29
Updated
2019-01-29
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/blocks/blocks/edit/8.
Max CVSS
4.8
EPSS Score
0.06%
Published
2019-01-29
Updated
2019-01-29
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/taxonomy/vocabularies.
Max CVSS
4.8
EPSS Score
0.06%
Published
2019-01-29
Updated
2019-01-29
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/menus/menus/edit/3.
Max CVSS
4.8
EPSS Score
0.06%
Published
2019-01-29
Updated
2019-01-29
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog.
Max CVSS
4.8
EPSS Score
0.06%
Published
2019-01-29
Updated
2019-01-29
idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Traversal via the udir parameter to files.admincp.php, resulting in execution of arbitrary PHP code from a ZIP file via the admincp.php?app=apps zipfile parameter to apps.admincp.php.
Max CVSS
9.8
EPSS Score
0.48%
Published
2019-01-29
Updated
2019-02-04
1212 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!