CVE-2022-45400 - XXE Vulnerability in Jenkins JAPEX Plugin 1.7 and Earlier – Exploiting Misconfigured XML Parsers
Published: June 2024
Introduction
A critical security vulnerability, CVE-2022-45400, has been discovered in the Jenkins JAPEX Plugin version 1.7 and earlier. This issue happens
CVE-2022-45396 - Exploiting Jenkins SourceMonitor Plugin’s XXE Vulnerability (with PoC)
Jenkins is one of the most popular automation tools for CI/CD, used by thousands of organizations worldwide. However, plugin vulnerabilities can easily undermine your
CVE-2022-45383 The permission check in the Support/DownloadBundle plugin was flawed and could be abused by attackers with Support/DownloadBundle permission.
This issue was discovered when updating Jenkins from Support/1.641.vb6a to Support/1.641.vb6a-1. A newly created support bundle was downloaded by
CVE-2022-45389 An missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs for an attacker-specified repository.
The issue is caused by a missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier. When installing this plugin, an attacker could specify
CVE-2022-25679 - How Improper Access Control in Snapdragon Broadcast Receivers Can Crash Your Video
In the fast-evolving world of smartphones and IoT gadgets, Qualcomm's Snapdragon chips are everywhere—from mobile phones to wearables and smart home devices.
Episode
00:00:00
00:00:00