NVD List

Id Name Description Reject CVSS Version CVSS Score Severity Pub Date Modified Date Actions
19493  CVE-2016-3725  Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users to trigger updating of update site metadata by leveraging a missing permissions check. NOTE: this issue can be combined with DNS cache poisoning to cause a denial of service (service disruption).    Medium  2017-01-19  2016-07-14  View
19494  CVE-2016-3726  Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs.    5.8  Medium  2017-01-19  2016-07-14  View
19495  CVE-2016-3727  The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors.    Medium  2017-01-19  2016-07-14  View
19496  CVE-2016-3728  Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE template type portion of the PATH_INFO to tftp/.    6.8  Medium  2017-01-19  2016-05-23  View
85139  CVE-2016-3729  The user editing form in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to edit profile fields locked by the administrator.          2017-04-27  2017-04-20  View

Page 15826 of 17672, showing 5 records out of 88360 total, starting on record 79126, ending on 79130

Actions