Filtered by CWE-441

Search

Switch to Advanced Search (Beta)
Total 26 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-1999038 1 Jenkins 1 Publish Over Cifs 2024-11-21 N/A
A confused deputy vulnerability exists in Jenkins Publisher Over CIFS Plugin 0.10 and earlier in CifsPublisherPluginDescriptor.java that allows attackers to have Jenkins connect to an attacker specified CIFS server with attacker specified credentials.
CVE-2018-16598 1 Amazon 2 Amazon Web Services Freertos, Freertos 2024-11-21 N/A
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request.
CVE-2018-12182 1 Tianocore 1 Edk Ii 2024-11-21 N/A
Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
CVE-2015-2947 1 Grabacr.net 1 Kancolleviewer 2024-11-21 N/A
KanColleViewer versions 3.8.1 and earlier operates as an open proxy which allows remote attackers to trigger outbound network traffic.
CVE-2015-10003 1 Filezilla-project 1 Filezilla Server 2024-11-21 4.3 Medium
A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended intermediary. It is possible to initiate the attack remotely. Upgrading to version 0.9.51 is able to address this issue. It is recommended to upgrade the affected component.
CVE-2024-30128 1 Hcltech 1 Nomad Server On Domino 2024-09-26 8.6 High
HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information.