Security News

Security news from: cvedetails.com

  • CVE-2019-1010258 – 15. maj 2019
    nanosvg library nanosvg after commit c1f6e209c16b18b46aa9f45d7e619acf42c29726 is affected by: Buffer Overflow. The impact is: Memory corruption leading to at least DoS. More severe impact vectors need …
  • CVE-2019-1003089 – 4. april 2019
    Jenkins Upload to pgyer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master fil …
  • CVE-2019-1003090 – 4. april 2019
    A cross-site request forgery vulnerability in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpl#doValidate form validation method allows attackers to initiate a connection to an at …
  • CVE-2019-1003091 – 4. april 2019
    A missing permission check in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpl#doValidate form validation method allows attackers with Overall/Read permission to initiate a connec …
  • CVE-2019-1003092 – 4. april 2019
    A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an attacker-spe …
  • CVE-2019-1003093 – 4. april 2019
    A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an …
  • CVE-2019-1003094 – 4. april 2019
    Jenkins Open STF Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. (CVSS:4.0) (Last …
  • CVE-2019-1003095 – 4. april 2019
    Jenkins Perfecto Mobile Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. (CVSS:4.0) …
  • CVE-2019-1003096 – 4. april 2019
    Jenkins TestFairy Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file syst …
  • CVE-2019-1003097 – 4. april 2019
    Jenkins Crowd Integration Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file syste …