NA - CVE-2024-41167 - Improper input validation in UEFI firmware in...
Improper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access.
NA - CVE-2024-45875 - The create user function in baltic-it TOPqw...
The create user function in baltic-it TOPqw Webportal 1.35.287.1 (fixed in version 1.35.291), in /Apps/TOPqw/BenutzerManagement.aspx/SaveNewUser, is vulnerable to SQL injection. The JSON object...
NA - CVE-2024-45876 - The login form of baltic-it TOPqw Webportal...
The login form of baltic-it TOPqw Webportal v1.35.283.2 (fixed in version 1.35.283.4) at /Apps/TOPqw/Login.aspx is vulnerable to SQL injection. The vulnerability exists in the POST parameter...
NA - CVE-2024-45877 - baltic-it TOPqw Webportal v1.35.283.2 is...
baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User Management function in /Apps/TOPqw/BenutzerManagement.aspx. This allows a low privileged user to access...
NA - CVE-2024-45878 - The "Stammdaten" menu of baltic-it TOPqw...
The "Stammdaten" menu of baltic-it TOPqw Webportal v1.35.283.2 (fixed in version 1.35.291), in /Apps/TOPqw/qwStammdaten.aspx, is vulnerable to persistent Cross-Site Scripting (XSS).
NA - CVE-2024-45879 - The file upload function in the "QWKalkulation"...
The file upload function in the "QWKalkulation" tool of baltic-it TOPqw Webportal v1.35.287.1 (fixed in version 1.35.291), in /Apps/TOPqw/QWKalkulation/QWKalkulation.aspx, is vulnerable to...
NA - CVE-2024-52549 - Jenkins Script Security Plugin...
Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form...
NA - CVE-2024-52550 - Jenkins Pipeline: Groovy Plugin...
Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3, does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing...
NA - CVE-2024-52551 - Jenkins Pipeline: Declarative Plugin...
Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing...
NA - CVE-2024-52552 - Jenkins Authorize Project Plugin 1.7.2 and...
Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS)...