
20 matches found

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux - vulnerability in gimp

GIMP PGM File Parsing: Uninitialized Memory Causes Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or...

7.8 CVSS, 6.2 AI score, 0.00045 EPSS
Exploits 0, References 1
ATTACKERKB
added 2026/02/20 10:23 p.m., 3 views

CVE-2026-2044

GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...

7.8 CVSS, 6.4 AI score, 0.00045 EPSS
Exploits 0, References 3, Affected Software 1
RedhatCVE
added 2025/05/23 9:54 a.m., 5 views

CVE-2024-28158

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

4.3 CVSS, 6.7 AI score, 0.0006 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/23 1:5 a.m., 4 views

CVE-2022-28158

A missing permission check in Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

6.5 CVSS, 6.4 AI score, 0.00047 EPSS
Exploits 0, References 1
Circl
added 2024/03/06 6:26 p.m., 4 views

CVE-2024-28158

creationtimestamp| type| source ---|---|--- 2024-03-06 18:26:58+00:00| seen| https://t.me/ctinow/201629...

4.3 CVSS, 4.8 AI score, 0.0006 EPSS
Exploits 0, References 1
NVD
added 2024/03/06 5:15 p.m., 8 views

CVE-2024-28158

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

4.3 CVSS, 5.7 AI score, 0.0006 EPSS
Exploits 0, References 2
OSV
added 2024/03/06 5:15 p.m., 4 views

CVE-2024-28158

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

4.3 CVSS, 7 AI score
Exploits 0, References 2
Cvelist
added 2024/03/06 5:1 p.m., 15 views

CVE-2024-28158

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

6.6 AI score, 0.0006 EPSS
Exploits 0, References 2
CVE
added 2024/03/06 5:1 p.m., 77 views

CVE-2024-28158

CVE-2024-28158 concerns a cross-site request forgery (CSRF) in the Jenkins Subversion Partial Release Manager Plugin (versions 1.0.1 and earlier). The issue, as described in the source documents, lets an attacker trigger a build by convincing an authenticated user to perform an action, due to CSR...

4.3 CVSS, 6.5 AI score, 0.0006 EPSS
Exploits 0, References 2, Affected Software 1
Vulnrichment
added 2024/03/06 5:1 p.m., 11 views

CVE-2024-28158

A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

6.7 AI score, 0.0006 EPSS
Exploits 0, References 2
Circl
added 2023/03/29 4:26 p.m., 0 views

CVE-2023-28158

creationtimestamp| type| source ---|---|--- 2023-03-29 16:26:37+00:00| seen| https://t.me/cibsecurity/61011...

6.5 CVSS, 5.8 AI score, 0.00411 EPSS
Exploits 0, References 1
OSV
added 2023/03/29 1:15 p.m., 13 views

CVE-2023-28158

Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user...

5.4 CVSS, 5.9 AI score
Exploits 0, References 2
NVD
added 2023/03/29 1:15 p.m., 11 views

CVE-2023-28158

Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user...

6.5 CVSS, 6.5 AI score, 0.00411 EPSS
Exploits 0, References 2
Vulnrichment
added 2023/03/29 12:21 p.m., 10 views

CVE-2023-28158 Apache Archiva privilege escalation

Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user...

6.5 CVSS, 6 AI score, 0.00411 EPSS
Exploits 0, References 2
Cvelist
added 2023/03/29 12:21 p.m., 11 views

CVE-2023-28158 Apache Archiva privilege escalation

Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user...

6.5 CVSS, 6.6 AI score, 0.00411 EPSS
Exploits 0, References 2
CVE
added 2023/03/29 12:21 p.m., 64 views

CVE-2023-28158

CVE-2023-28158 – Apache Archiva privilege escalation via stored XSS. Affected software: Apache Archiva 2.x earlier than 2.2.10. Vulnerable component | behavior: stored cross-site scripting through the file upload service; authenticated users can craft directory names to inject XSS content, poten...

6.5 CVSS, 6 AI score, 0.00411 EPSS
Exploits 0, References 2, Affected Software 1
Circl
added 2022/03/29 4:41 p.m., 1 views

CVE-2022-28158

creationtimestamp| type| source ---|---|--- 2022-03-29 16:41:19+00:00| seen| https://t.me/cibsecurity/39729...

6.5 CVSS, 6.3 AI score, 0.00047 EPSS
Exploits 0, References 1
NVD
added 2022/03/29 1:15 p.m., 10 views

CVE-2022-28158

A missing permission check in Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

6.5 CVSS, 0.00047 EPSS
Exploits 0, References 2
ATTACKERKB
added 2022/03/29 1:15 p.m., 3 views

CVE-2022-28158

A missing permission check in Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

6.5 CVSS, 5.9 AI score, 0.00047 EPSS
Exploits 0, References 3
CVE
added 2022/03/29 12:31 p.m., 113 views

CVE-2022-28158

CVE-2022-28158 affects Jenkins Pipeline: Phoenix AutoTest Plugin (1.3 and earlier). The vulnerability stems from a missing permission check across multiple HTTP endpoints, enabling an attacker with Overall/Read permissions to enumerate credentials IDs stored in Jenkins. The provided connected doc...

6.5 CVSS, 6.2 AI score, 0.00047 EPSS
Exploits 0, References 2, Affected Software 1