186 matches found
EUVD-2022-6392
Malicious code in bioql PyPI...
EUVD-2022-2730
Malicious code in bioql PyPI...
EUVD-2023-3055
Malicious code in bioql PyPI...
EUVD-2022-1219
Malicious code in bioql PyPI...
EUVD-2023-1599
Malicious code in bioql PyPI...
EUVD-2022-6447
Malicious code in bioql PyPI...
EUVD-2023-2159
Malicious code in bioql PyPI...
EUVD-2022-0701
Malicious code in bioql PyPI...
EUVD-2023-44596
Malicious code in bioql PyPI...
EUVD-2022-5310
Malicious code in bioql PyPI...
EUVD-2022-1090
Malicious code in bioql PyPI...
EUVD-2022-2010
Malicious code in bioql PyPI...
CVE-2025-58460
A missing permission check in Jenkins OpenTelemetry Plugin 3.1543.v8446b92bcd64 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
PT-2025-35782
Name of the Vulnerable Software and Affected Versions: Jenkins OpenTelemetry Plugin versions 3.1543.v8446b 92b cd64 and earlier Description: A missing permission check allows attackers with Overall/Read permission to connect to a URL specified by the attacker, using credentials IDs obtained throu...
CVE-2025-40752
A vulnerability has been identified in POWER METER SICAM Q100 7KG9501-0AA01-0AA1 All versions = V2.60 = V2.60 = V2.60 = V2.60 = V2.70 V2.80. Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extract it and use the configure...
CVE-2023-32998
A cross-site request forgery CSRF vulnerability in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials...
CVE-2023-32989
A cross-site request forgery CSRF vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method...
CVE-2023-32978
A cross-site request forgery CSRF vulnerability in Jenkins LDAP Plugin allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials...
CVE-2023-28674
A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...
CVE-2023-28675
A missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...