| Max CVSS | 7.8 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-10328 | 6.5 |
Jenkins Pipeline Remote Loader Plugin 1.4 and earlier provided a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection.
|
25-10-2023 - 18:16 | 31-05-2019 - 15:29 | |
| CVE-2019-9514 | 7.8 |
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the p
|
19-10-2023 - 03:15 | 13-08-2019 - 21:15 | |
| CVE-2019-9512 | 7.8 |
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this d
|
12-08-2022 - 18:41 | 13-08-2019 - 21:15 | |
| CVE-2018-0504 | 4.0 |
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid
|
29-10-2019 - 19:15 | 04-10-2018 - 20:29 | |
| CVE-2018-0505 | 4.0 |
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock
|
18-10-2019 - 04:15 | 04-10-2018 - 20:29 | |
| CVE-2018-0503 | 4.0 |
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.
|
18-10-2019 - 04:15 | 04-10-2018 - 20:29 |