Skip to main content
CVE-2019-10189 MEDIUM PATCH This Month

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Moodle
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2019-10188 MEDIUM PATCH This Month

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Moodle
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2019-10187 MEDIUM PATCH This Month

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Moodle
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2019-4163 MEDIUM This Month

IBM StoreIQ 7.6.0.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Storediq
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2019-10365 MEDIUM PATCH This Month

Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace, where it could be accessed by users with Job/Read. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Jenkins Kubernetes Information Disclosure Kubernetes Engine
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2019-10357 MEDIUM PATCH This Month

A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allowed users with Overall/Read access to obtain limited information about the content of SCM. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Pipeline Openshift Container Platform
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2019-10344 MEDIUM PATCH This Month

Missing permission checks in Jenkins Configuration as Code Plugin 1.24 and earlier in various HTTP endpoints allowed users with Overall/Read access to access the generated schema and documentation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Configuration As Code
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2019-10343 LOW PATCH Monitor

Jenkins Configuration as Code Plugin 1.24 and earlier did not properly apply masking to values expected to be hidden when logging the configuration being applied. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Jenkins Information Disclosure Configuration As Code
NVD
CVSS 3.1
3.3
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy