Underground News

Archive

Month: May 2022

646 Posts

[org.jenkins-ci.plugins:urltrigger] URLTrigger Plugin server-side request forgery vulnerability

  • Posted in Uncategorized
  • Posted by GitHub
  • 05/14/2022 07/28/2022

A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. As of version 0.43, this form …

[System.ServiceModel.Security] Improper Certificate Validation in Microsoft .NET Framework components

  • Posted in MODERATE
  • Posted by GitHub
  • 05/14/2022 08/11/2022

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka “.NET Framework Security Feature Bypass Vulnerability.” This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0,…

[org.apache.ws.security:wss4j] Improper Access Control in Apache WSS4J

  • Posted in Uncategorized
  • Posted by GitHub
  • 05/14/2022 07/07/2022

Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via vectors related to “wrapping attacks.”
References

https://nvd.nist.gov/vuln/detail/CVE-2015-0227
https://excha…

[org.glassfish:javax.faces] Improper Neutralization of Input During Web Page Generation in Mojarra

  • Posted in Uncategorized
  • Posted by GitHub
  • 05/14/2022 07/08/2022

Oracle Mojarra 2.2.x before 2.2.6 and 2.1.x before 2.1.28 does not perform appropriate encoding when a (1) <h:outputText> tag or (2) EL expression is used after a script or style block, which allows remote attackers to conduct cross-site scripting…

[com.jamonapi:jamon] Improper Neutralization of Input During Web Page Generation in JAMon

  • Posted in Uncategorized
  • Posted by GitHub
  • 05/14/2022 07/08/2022

Multiple cross-site scripting (XSS) vulnerabilities in JAMon (Java Application Monitor) 2.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) listenertype or (2) currentlistener parameter to mondetail.jsp or ArraySQL…

[org.apache.cassandra:apache-cassandra] Improper Neutralization of Special Elements used in a Command in Apache Cassandra

  • Posted in Uncategorized
  • Posted by GitHub
  • 05/14/2022 07/07/2022

The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an …

[org.apache.sling:org.apache.sling.servlets.post] Improper Neutralization of Input During Web Page Generation Apache Sling Servlets Post

  • Posted in Uncategorized
  • Posted by GitHub
  • 05/14/2022 07/01/2022

The JavaScript method Sling.evalString() in Apache Sling Servlets Post before 2.3.22 uses the JavaScript ‘eval’ function to parse input strings, which allows for XSS attacks by passing specially crafted input strings.
References

https://nvd.nist.gov/v…

[pymongo] Use of NullPointerException Catch to Detect NULL Pointer Dereference in Pymongo

  • Posted in Uncategorized
  • Posted by GitHub
  • 05/14/2022 07/09/2022

bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an “invalid DBRef.”
…

[logilab-common] Creation of Temporary File With Insecure Permissions in logilab-commons

  • Posted in Uncategorized
  • Posted by GitHub
  • 05/14/2022 07/08/2022

The Execute class in shellutils in logilab-common before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file.
References

https://nvd.nist.gov/vuln/detail/CVE-2014-1839
https://bugs.deb…

[requests] Exposure of Sensitive Information to an Unauthorized Actor in Requests

  • Posted in Uncategorized
  • Posted by GitHub
  • 05/14/2022 07/08/2022

Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request.
References

https://nvd.nist.gov/vuln/detail/CVE-2014-1830
https://github.com/kennethre…
