Export limit exceeded: 331301 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 331301 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 331301 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 74338 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74338 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-10299 | 1 Jenkins | 1 Cloudcoreo Deploytime | 2024-11-21 | 8.8 High |
| Jenkins CloudCoreo DeployTime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | ||||
| CVE-2019-10298 | 1 Jenkins | 1 Koji | 2024-11-21 | 8.8 High |
| Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | ||||
| CVE-2019-10297 | 1 Jenkins | 1 Sametime | 2024-11-21 | 8.8 High |
| Jenkins Sametime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | ||||
| CVE-2019-10296 | 1 Jenkins | 1 Serena Sra Deploy | 2024-11-21 | 8.8 High |
| Jenkins Serena SRA Deploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | ||||
| CVE-2019-10295 | 1 Jenkins | 1 Crittercism-dsym | 2024-11-21 | 8.8 High |
| Jenkins crittercism-dsym Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | ||||
| CVE-2019-10294 | 1 Jenkins | 1 Kmap | 2024-11-21 | 8.8 High |
| Jenkins Kmap Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | ||||
| CVE-2019-10291 | 1 Jenkins | 1 Netsparker Cloud Scan | 2024-11-21 | 8.8 High |
| Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | ||||
| CVE-2019-10288 | 1 Jenkins | 1 Jabber Server | 2024-11-21 | 8.8 High |
| Jenkins Jabber Server Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | ||||
| CVE-2019-10287 | 1 Jenkins | 1 Youtrack-plugin | 2024-11-21 | 8.8 High |
| Jenkins youtrack-plugin Plugin 0.7.1 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | ||||
| CVE-2019-10286 | 1 Jenkins | 1 Deployhub | 2024-11-21 | 8.8 High |
| Jenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | ||||
| CVE-2019-10285 | 1 Jenkins | 1 Minio Storage | 2024-11-21 | 8.8 High |
| Jenkins Minio Storage Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | ||||
| CVE-2019-10284 | 1 Jenkins | 1 Diawi Upload | 2024-11-21 | 8.8 High |
| Jenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | ||||
| CVE-2019-10283 | 1 Jenkins | 1 Mabl | 2024-11-21 | 8.8 High |
| Jenkins mabl Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | ||||
| CVE-2019-10282 | 1 Jenkins | 1 Klaros-testmanagement | 2024-11-21 | 8.8 High |
| Jenkins Klaros-Testmanagement Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | ||||
| CVE-2019-10281 | 1 Jenkins | 1 Relution Enterprise Appstore Publisher | 2024-11-21 | 8.8 High |
| Jenkins Relution Enterprise Appstore Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | ||||
| CVE-2019-10280 | 1 Jenkins | 1 Assembla Auth | 2024-11-21 | 8.8 High |
| Jenkins Assembla Auth Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | ||||
| CVE-2019-10277 | 1 Jenkins | 1 Starteam | 2024-11-21 | 8.8 High |
| Jenkins StarTeam Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | ||||
| CVE-2019-10270 | 1 Ultimatemember | 1 Ultimate Member | 2024-11-21 | 8.8 High |
| An arbitrary password reset issue was discovered in the Ultimate Member plugin 2.39 for WordPress. It is possible (due to lack of verification and correlation between the reset password key sent by mail and the user_id parameter) to reset the password of another user. One only needs to know the user_id, which is publicly available. One just has to intercept the password modification request and modify user_id. It is possible to modify the passwords for any users or admin WordPress Ultimate Members. This could lead to account compromise and privilege escalation. | ||||
| CVE-2019-10249 | 1 Eclipse | 2 Xtend, Xtext | 2024-11-21 | 8.1 High |
| All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised. | ||||
| CVE-2019-10245 | 2 Eclipse, Redhat | 8 Openj9, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-11-21 | 7.5 High |
| In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load. | ||||