Total
446 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33837 | 1 Ibm | 1 Security Verify Governance | 2023-10-28 | N/A | 7.5 HIGH |
| IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission. IBM X-Force ID: 256020. | |||||
| CVE-2022-40295 | 1 Phppointofsale | 1 Php Point Of Sale | 2023-10-25 | N/A | 4.9 MEDIUM |
| The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks. | |||||
| CVE-2020-2250 | 1 Jenkins | 1 Soapui Pro Functional Testing | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins SoapUI Pro Functional Testing Plugin 1.3 and earlier stores project passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file system. | |||||
| CVE-2020-2249 | 1 Jenkins | 1 Team Foundation Server | 2023-10-25 | 2.1 LOW | 3.3 LOW |
| Jenkins Team Foundation Server Plugin 5.157.1 and earlier stores a webhook secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system. | |||||
| CVE-2020-2239 | 1 Jenkins | 1 Parameterized Remote Trigger | 2023-10-25 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system. | |||||
| CVE-2019-1003095 | 1 Jenkins | 1 Perfecto Mobile | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Perfecto Mobile Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-1003094 | 1 Jenkins | 1 Open Stf | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Open STF Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-1003089 | 1 Jenkins | 1 Upload To Pgyer | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Upload to pgyer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-1003088 | 1 Jenkins | 1 Fabric Beta Publisher | 2023-10-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Fabric Beta Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-1003075 | 1 Jenkins | 1 Audit To Database | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Audit to Database Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-1003074 | 1 Jenkins | 1 Hyper.sh Commons | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Hyper.sh Commons Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-1003073 | 1 Jenkins | 1 Vs Team Services Continuous Deployment | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins VS Team Services Continuous Deployment Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-1003072 | 1 Jenkins | 1 Wildfly Deployer | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins WildFly Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-1003071 | 1 Jenkins | 1 Octopusdeploy | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins OctopusDeploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-1003070 | 1 Jenkins | 1 Veracode-scanner | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins veracode-scanner Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-1003069 | 1 Jenkins | 1 Aqua Security Scanner | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Aqua Security Scanner Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-1003068 | 1 Jenkins | 1 Vmware Vrealize Automation | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins VMware vRealize Automation Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-1003067 | 1 Jenkins | 1 Trac Publisher | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Trac Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | |||||
| CVE-2019-1003066 | 1 Jenkins | 1 Bugzilla | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins Bugzilla Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||
| CVE-2019-1003065 | 1 Jenkins | 1 Cloudshare Docker-machine | 2023-10-25 | 4.0 MEDIUM | 8.8 HIGH |
| Jenkins CloudShare Docker-Machine Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | |||||