RedPacket Security - InfoSec News & Tutorials

Jenkins Embeddable Build Status Plugin cross-site scripting | CVE-2022-34178

June 23, 2022

NAME Jenkins Embeddable Build Status Plugin cross-site scripting Platforms Affected:Jenkins Embeddable Build Status Plugin 2.0.3Risk Level:8.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Embeddable...

Quectel RG502Q-EA devices command execution | CVE-2022-26147

June 23, 2022

NAME Quectel RG502Q-EA devices command execution Platforms Affected:Quectel RG502Q-EA 2022-02-23Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Quectel RG502Q-EA devices could allow a remote...

Jenkins Image Tag Parameter Plugin cross-site scripting | CVE-2022-34189

June 23, 2022

NAME Jenkins Image Tag Parameter Plugin cross-site scripting Platforms Affected:Jenkins Image Tag Parameter Plugin 1.10Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Image...

Jenkins NS-ND Integration Performance Publisher Plugin cross-site scripting | CVE-2022-34191

June 23, 2022

NAME Jenkins NS-ND Integration Performance Publisher Plugin cross-site scripting Platforms Affected:Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.77Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION...

iSpyConnect iSpy directory traversal | CVE-2022-29774

June 23, 2022

NAME iSpyConnect iSpy directory traversal Platforms Affected:iSpyconnect iSpy 7.2.2.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION iSpyConnect iSpy could allow a remote attacker to...

Jenkins Package Version Plugin cross-site scripting | CVE-2022-34193

June 23, 2022

NAME Jenkins Package Version Plugin cross-site scripting Platforms Affected:Jenkins Package Version Plugin 1.0.1Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Package Version Plugin...

Jenkins JUnit Plugin cross-site scripting | CVE-2022-34176

June 23, 2022

NAME Jenkins JUnit Plugin cross-site scripting Platforms Affected:Jenkins JUnit Plugin 1119.va_a_5e9068da_d7Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins JUnit Plugin is vulnerable to...

Jenkins Pipeline: Input Step Plugin security bypass | CVE-2022-34177

June 23, 2022

NAME Jenkins Pipeline: Input Step Plugin security bypass Platforms Affected:Jenkins Pipeline: Input Step Plugin 448.v37cea_9a_10a_70Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Jenkins Pipeline:...

Jenkins weekly cross-site scripting | CVE-2022-34173

June 23, 2022

NAME Jenkins weekly cross-site scripting Platforms Affected:Jenkins weekly 2.355Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins weekly is vulnerable to cross-site scripting, caused...

Researchers found flaws in MEGA that allowed to decrypt of user data

June 23, 2022

Researchers at ETH Zurich discovered several critical flaws in the MEGA cloud storage service that could have allowed the decryption...

Daily Vulnerability Trends: Thu Jun 23 2022

June 23, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2019-13382UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid...