A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
IBM StoreIQ 7.6.0.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace, where it could be accessed by users with Job/Read. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allowed users with Overall/Read access to obtain limited information about the content of SCM. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing permission checks in Jenkins Configuration as Code Plugin 1.24 and earlier in various HTTP endpoints allowed users with Overall/Read access to access the generated schema and documentation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Jenkins Configuration as Code Plugin 1.24 and earlier did not properly apply masking to values expected to be hidden when logging the configuration being applied. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.