Monthly Archive: May 2022

Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute commands...

Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller’s file system using local paths as SCM URLs, obtaining limited information...

Jenkins Mercurial Plugin 2.16 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller’s file system using local paths as SCM URLs, obtaining limited information...

Jenkins Git Plugin 4.11.1 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller’s file system using local paths as SCM URLs, obtaining limited information...

A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver. Date published : 2022-05-17 https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116 http://www.openwall.com/lists/oss-security/2022/05/17/8

Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines. Date published : 2022-05-17 https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-359 http://www.openwall.com/lists/oss-security/2022/05/17/8

The file preview functionality in Jirafeau < 4.4.0, which is enabled by default, could be exploited for cross site scripting. An attacker could upload image/svg+xml files containing JavaScript. When someone visits the File Preview...

D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An attacker could use the "../../../../" setting of the FTP server folder to set the router’s root folder for FTP access. This allows you to...

In Apache ShenYui, ShenYu-Bootstrap, RegexPredicateJudge.java uses Pattern.matches(conditionData.getParamValue(), realData) to make judgments, where both parameters are controllable by the user. This can cause an attacker pass in malicious regular expressions and characters causing a resource...

A vulnerability, which was classified as critical, was found in WoWonder. Affected is the file /requests.php which is responsible to handle group messages. The manipulation of the argument group_id allows posting messages in other...

Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.6. Date published : 2022-05-17 https://huntr.dev/bounties/619851a4-2a08-4196-80e9-ab41953491d8 https://github.com/jgraph/drawio/commit/7a68ebe22a64fe722704e9c4527791209fee2034

Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.5. Date published : 2022-05-17 https://huntr.dev/bounties/c32afff5-6ad5-4d4d-beea-f55ab4925797 https://github.com/jgraph/drawio/commit/cf5c78aa0f3127fb10053db55b39f3017a0654ae

A remote command execution (RCE) vulnerability was found in FeMiner wms V1.0 in /wms/src/system/datarec.php. The $_POST[r_name] is directly passed into the $mysqlstr and is executed by exec. Date published : 2022-05-16 https://github.com/FeMiner/wms/issues/12

ACCEL-PPP 1.12.0 has an out-of-bounds read in post_msg when processing a call_clear_request. Date published : 2022-05-16 https://github.com/xebd/accel-ppp/issues/158