• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-78

CVE-2022-25263

February 23, 2023 by godfreyd94

JetBrains TeamCity before 2021.2.3 was vulnerable to OS command injection in the Agent Push feature configuration.

CVE-2022-25173

February 23, 2023 by godfreyd94

Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier uses the same checkout directories for distinct SCMs when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.

CVE-2022-25174

February 23, 2023 by godfreyd94

Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the same checkout directories for distinct SCMs for Pipeline libraries, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.

CVE-2022-25175

February 23, 2023 by godfreyd94

Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier uses the same checkout directories for distinct SCMs for the readTrusted step, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.

CVE-2022-25048

February 23, 2023 by godfreyd94

Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user.

CVE-2022-25017

February 23, 2023 by godfreyd94

Hitron CHITA 7.2.2.0.3b6-CD devices contain a command injection vulnerability via the Device/DDNS ddnsUsername field.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 324
  • Go to page 325
  • Go to page 326
  • Go to page 327
  • Go to page 328
  • Interim pages omitted …
  • Go to page 342
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE