CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 3 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2751 CVE-2020-2244 79 XSS 2020-09-01 2020-09-04
3.5
None Remote Medium ??? None Partial None
Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to test build log indications.
2752 CVE-2020-2243 79 XSS 2020-09-01 2020-09-04
3.5
None Remote Medium ??? None Partial None
Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.
2753 CVE-2020-2238 79 XSS 2020-09-01 2020-09-04
3.5
None Remote Medium ??? None Partial None
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
2754 CVE-2020-2236 79 XSS 2020-08-12 2020-08-13
3.5
None Remote Medium ??? None Partial None
Jenkins Yet Another Build Visualizer Plugin 1.11 and earlier does not escape tooltip content, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Run/Update permission.
2755 CVE-2020-2231 79 XSS 2020-08-12 2020-12-18
3.5
None Remote Medium ??? None Partial None
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the remote address of the host starting a build via 'Trigger builds remotely', resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure permission or knowledge of the Authentication Token.
2756 CVE-2020-2230 79 XSS 2020-08-12 2020-12-11
3.5
None Remote Medium ??? None Partial None
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the project naming strategy description, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Overall/Manage permission.
2757 CVE-2020-2229 79 XSS 2020-08-12 2020-12-11
3.5
None Remote Medium ??? None Partial None
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the tooltip content of help icons, resulting in a stored cross-site scripting (XSS) vulnerability.
2758 CVE-2020-2227 79 XSS 2020-07-15 2020-07-22
3.5
None Remote Medium ??? None Partial None
Jenkins Deployer Framework Plugin 1.2 and earlier does not escape the URL displayed in the build home page, resulting in a stored cross-site scripting vulnerability.
2759 CVE-2020-2226 79 XSS 2020-07-15 2020-07-22
3.5
None Remote Medium ??? None Partial None
Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does not escape user names shown in the configuration, resulting in a stored cross-site scripting vulnerability.
2760 CVE-2020-2225 79 XSS 2020-07-15 2020-07-21
3.5
None Remote Medium ??? None Partial None
Jenkins Matrix Project Plugin 1.16 and earlier does not escape the axis names shown in tooltips on the overview page of builds with multiple axes, resulting in a stored cross-site scripting vulnerability.
2761 CVE-2020-2224 79 XSS 2020-07-15 2020-07-21
3.5
None Remote Medium ??? None Partial None
Jenkins Matrix Project Plugin 1.16 and earlier does not escape the node names shown in tooltips on the overview page of builds with a single axis, resulting in a stored cross-site scripting vulnerability.
2762 CVE-2020-2223 79 XSS 2020-07-15 2020-07-21
3.5
None Remote Medium ??? None Partial None
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape correctly the 'href' attribute of links to downstream jobs displayed in the build console page, resulting in a stored cross-site scripting vulnerability.
2763 CVE-2020-2222 79 XSS 2020-07-15 2020-07-21
3.5
None Remote Medium ??? None Partial None
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the job name in the 'Keep this build forever' badge tooltip, resulting in a stored cross-site scripting vulnerability.
2764 CVE-2020-2221 79 XSS 2020-07-15 2020-07-21
3.5
None Remote Medium ??? None Partial None
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting vulnerability.
2765 CVE-2020-2220 79 XSS 2020-07-15 2020-07-21
3.5
None Remote Medium ??? None Partial None
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the agent name in the build time trend page, resulting in a stored cross-site scripting vulnerability.
2766 CVE-2020-2219 79 XSS 2020-07-02 2020-07-06
3.5
None Remote Medium ??? None Partial None
Jenkins Link Column Plugin 1.0 and earlier does not filter URLs of links created by users with View/Configure permission, resulting in a stored cross-site scripting vulnerability.
2767 CVE-2020-2214 79 XSS 2020-07-02 2020-07-08
3.5
None Remote Medium ??? None Partial None
Jenkins ZAP Pipeline Plugin 1.9 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
2768 CVE-2020-2205 79 XSS 2020-07-02 2020-07-06
3.5
None Remote Medium ??? None Partial None
Jenkins VncRecorder Plugin 1.25 and earlier does not escape a tool path in the `checkVncServ` form validation endpoint, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by Jenkins administrators.
2769 CVE-2020-2201 79 XSS 2020-07-02 2020-07-09
3.5
None Remote Medium ??? None Partial None
Jenkins Sonargraph Integration Plugin 3.0.0 and earlier does not escape the file path for the Log file field form validation, resulting in a stored cross-site scripting vulnerability.
2770 CVE-2020-2195 79 XSS 2020-06-03 2020-06-03
3.5
None Remote Medium ??? None Partial None
Jenkins Compact Columns Plugin 1.11 and earlier displays the unprocessed job description in tooltips, resulting in a stored cross-site scripting vulnerability that can be exploited by users with Job/Configure permission.
2771 CVE-2020-2194 79 XSS 2020-06-03 2020-06-03
3.5
None Remote Medium ??? None Partial None
Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the display name of the builds in the trend chart, resulting in a stored cross-site scripting vulnerability.
2772 CVE-2020-2193 79 XSS 2020-06-03 2020-06-03
3.5
None Remote Medium ??? None Partial None
Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the parser identifier when rendering charts, resulting in a stored cross-site scripting vulnerability.
2773 CVE-2020-2190 79 XSS 2020-06-03 2020-06-03
3.5
None Remote Medium ??? None Partial None
Jenkins Script Security Plugin 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page, resulting in a stored cross-site scripting vulnerability.
2774 CVE-2020-2176 79 XSS 2020-04-07 2020-04-07
3.5
None Remote Medium ??? None Partial None
Multiple form validation endpoints in Jenkins useMango Runner Plugin 1.4 and earlier do not escape values received from the useMango service, resulting in a cross-site scripting (XSS) vulnerability exploitable by users able to control the values returned from the useMango service.
2775 CVE-2020-2175 79 XSS 2020-04-07 2020-04-07
3.5
None Remote Medium ??? None Partial None
Jenkins FitNesse Plugin 1.31 and earlier does not correctly escape report contents before showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users able to control the XML input files processed by the plugin.
2776 CVE-2020-2173 79 XSS 2020-04-07 2020-04-07
3.5
None Remote Medium ??? None Partial None
Jenkins Gatling Plugin 1.2.7 and earlier prevents Content-Security-Policy headers from being set for Gatling reports served by the plugin, resulting in an XSS vulnerability exploitable by users able to change report content.
2777 CVE-2020-2170 79 XSS 2020-03-25 2020-03-27
3.5
None Remote Medium ??? None Partial None
Jenkins RapidDeploy Plugin 4.2 and earlier does not escape package names in the table of packages obtained from a remote server, resulting in a stored XSS vulnerability.
2778 CVE-2020-2163 79 XSS 2020-03-25 2020-03-27
3.5
None Remote Medium ??? None Partial None
Jenkins 2.227 and earlier, LTS 2.204.5 and earlier improperly processes HTML content of list view column headers, resulting in a stored XSS vulnerability exploitable by users able to control column headers.
2779 CVE-2020-2162 79 XSS 2020-03-25 2020-03-27
3.5
None Remote Medium ??? None Partial None
Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability.
2780 CVE-2020-2161 79 XSS 2020-03-25 2020-03-30
3.5
None Remote Medium ??? None Partial None
Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored XSS vulnerability exploitable by users able to define node labels.
2781 CVE-2020-2137 79 XSS 2020-03-09 2020-03-09
3.5
None Remote Medium ??? None Partial None
Jenkins Timestamper Plugin 1.11.1 and earlier does not sanitize HTML formatting of its output, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission.
2782 CVE-2020-2136 79 XSS 2020-03-09 2020-03-09
3.5
None Remote Medium ??? None Partial None
Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability.
2783 CVE-2020-2122 79 XSS 2020-02-12 2020-02-14
3.5
None Remote Medium ??? None Partial None
Jenkins Brakeman Plugin 0.12 and earlier did not escape values received from parsed JSON files when rendering them, resulting in a stored cross-site scripting vulnerability exploitable by users able to control the Brakeman post-build step input data.
2784 CVE-2020-2113 79 XSS 2020-02-12 2020-02-14
3.5
None Remote Medium ??? None Partial None
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.
2785 CVE-2020-2112 79 XSS 2020-02-12 2020-02-14
3.5
None Remote Medium ??? None Partial None
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.
2786 CVE-2020-2111 79 XSS 2020-02-12 2020-02-14
3.5
None Remote Medium ??? None Partial None
Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.
2787 CVE-2020-2106 79 XSS 2020-01-29 2020-01-30
3.5
None Remote Medium ??? None Partial None
Jenkins Code Coverage API Plugin 1.1.2 and earlier does not escape the filename of the coverage report used in its view, resulting in a stored XSS vulnerability exploitable by users able to change job configurations.
2788 CVE-2020-2102 203 2020-01-29 2020-03-17
3.5
None Remote Medium ??? Partial None None
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.
2789 CVE-2020-2101 203 2020-01-29 2020-03-17
3.5
None Remote Medium ??? Partial None None
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.
2790 CVE-2020-2035 2020-08-12 2021-10-19
3.5
None Remote Medium ??? None Partial None
When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on the decrypted HTTPS web transactions but does not consider Server Name Indication (SNI) field within the TLS Client Hello handshake. This allows a compromised host in a protected network to evade any security policy that uses URL filtering on a firewall configured with SSL Decryption in the Forward Proxy mode. A malicious actor can then use this technique to evade detection of communication on the TLS handshake phase between a compromised host and a remote malicious server. This technique does not increase the risk of a host being compromised in the network. It does not impact the confidentiality or availability of a firewall. This is considered to have a low impact on the integrity of the firewall because the firewall fails to enforce a policy on certain traffic that should have been blocked. This issue does not impact the URL filtering policy enforcement on clear text or encrypted web transactions. This technique can be used only after a malicious actor has compromised a host in the protected network and the TLS/SSL Decryption feature is enabled for the traffic that the attacker controls. Palo Alto Networks is not aware of any malware that uses this technique to exfiltrate data. This issue is applicable to all current versions of PAN-OS. This issue does not impact Panorama or WF-500 appliances.
2791 CVE-2020-1991 269 2020-04-08 2020-04-10
3.6
None Local Low Not required None Partial Partial
An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS.
2792 CVE-2020-1958 200 Bypass +Info 2020-04-01 2021-07-21
3.5
None Remote Medium ??? Partial None None
When LDAP authentication is enabled in Apache Druid 0.17.0, callers of Druid APIs with a valid set of LDAP credentials can bypass the credentialsValidator.userSearch filter barrier that determines if a valid LDAP user is allowed to authenticate with Druid. They are still subject to role-based authorization checks, if configured. Callers of Druid APIs can also retrieve any LDAP attribute values of users that exist on the LDAP server, so long as that information is visible to the Druid server. This information disclosure does not require the caller itself to be a valid LDAP user.
2793 CVE-2020-1945 668 +Info 2020-05-14 2021-12-03
3.3
None Local Medium Not required Partial Partial None
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.
2794 CVE-2020-1879 354 2020-03-20 2020-04-16
3.6
None Local Low Not required None Partial Partial
There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3).
2795 CVE-2020-1866 125 2021-01-13 2021-01-19
3.3
None Local Network Low Not required None None Partial
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00.
2796 CVE-2020-1865 125 2021-01-13 2021-01-19
3.3
None Local Network Low Not required Partial None None
There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the system does the certain operation.
2797 CVE-2020-1855 20 2020-02-18 2021-07-21
3.6
None Local Low Not required None Partial Partial
Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal.
2798 CVE-2020-1840 287 Exec Code +Info 2020-01-21 2020-01-29
3.6
None Local Low Not required Partial None Partial
HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to exploit this vulnerability. Successful exploitation may cause information leak and compromise the availability of the smart phones.Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.0.0.175(C00E70R3P8)
2799 CVE-2020-1839 362 Exec Code 2020-07-06 2020-07-09
3.7
None Local High Not required Partial Partial Partial
HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a race condition vulnerability. There is a timing window exists in which certain pointer members can be modified by another process that is operating concurrently, an attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution.
2800 CVE-2020-1835 200 +Info 2020-06-18 2021-07-21
3.3
None Local Network Low Not required Partial None None
HUAWEI Mate 30 with versions earlier than 10.1.0.126(C00E125R5P3) have an information disclosure vulnerability. A logic judgment error occurs when the system handling Bluetooth connections, an attacker could craft as an authenticated Bluetooth peer to launch the attack. Successful exploit could cause information disclosure.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.