CVE-2013-1938
Zimbra 2013 has XSS in aspell.php
Source: CVE-2013-1938
[월:] 2020년 02월
CVE-2013-3685
CVE-2013-3685
A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges.
Source: CVE-2013-3685
CVE-2013-1924
CVE-2013-1924
Commerce Skrill (Formerly Moneybookers) has an Access bypass vulnerability in all versions prior to 7.x-1.2
Source: CVE-2013-1924
CVE-2013-4090
CVE-2013-3494
CVE-2013-3494
A Code Execution Vulnerability exists in UMPlayer 0.98 in wintab32.dll due to insufficient path restrictions when loading external libraries. which could let a malicious user execute arbitrary code.
Source: CVE-2013-3494
CVE-2020-2131
CVE-2020-2131
Jenkins Harvest SCM Plugin 0.5.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
Source: CVE-2020-2131
CVE-2020-2128
CVE-2020-2128
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.
Source: CVE-2020-2128
CVE-2020-2129
CVE-2020-2129
Jenkins Eagle Tester Plugin 1.0.9 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system.
Source: CVE-2020-2129
CVE-2020-8595
CVE-2020-8595
Istio 1.3 through 1.4.3 allows authentication bypass. The Authentication Policy exact-path matching logic can allow unauthorized access to HTTP paths even if they are configured to be only accessed after presenting a valid JWT token. For example, an attacker can add a ? or # character to a URI that would otherwise satisfy an exact-path match.
Source: CVE-2020-8595
CVE-2020-2127
CVE-2020-2127
Jenkins BMC Release Package and Deployment Plugin 1.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Source: CVE-2020-2127