Lucene search
+L

186 matches found

Positive Technologies
Positive Technologies
added 2019/08/07 12:0 a.m.6 views

PT-2019-11781 · Jenkins · Jenkins Xl Testview Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins XL TestView Plugin versions 1.2.0 and earlier Description: A missing permission check in the XLTestView.XLTestDescriptordoTestConnection function allows users with Overall/Read access to connect to an attacker-specified URL using...

6.5CVSS6.3AI score0.00852EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/04/18 12:0 a.m.5 views

PT-2019-11706 · Jenkins · Jenkins Xebialabs Xl Deploy Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins XebiaLabs XL Deploy Plugin affected versions not specified Description: A cross-site request forgery issue in the CredentialdoValidateUserNamePassword form validation method allows attackers to initiate a connection to an...

6.5CVSS6.2AI score0.00888EPSS
Exploits0References7
OSV
OSV
added 2019/01/09 11:29 p.m.5 views

CVE-2018-1000422

An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified credentials and connection settings...

6.5CVSS5.8AI score0.00769EPSS
Exploits0References2
CNVD
CNVD
added 2018/08/08 12:0 a.m.3 views

CloudBees Jenkins Confluence Publisher Plugin Server-Side Request Forgery Vulnerability

CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Confluence Publisher Plugin is used ...

4.3CVSS5AI score0.00642EPSS
Exploits0References1
CNVD
CNVD
added 2018/08/08 12:0 a.m.7 views

CloudBees Jenkins Publisher Over CIFS Plugin Privilege Check Vulnerability

CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Publisher Over CIFS Plugin is to use...

4.9CVSS4.9AI score0.00483EPSS
Exploits0References1
exploitpack
exploitpack
added 2003/07/01 12:0 a.m.19 views

ezbounce 1.01.5 - Format String

ezbounce 1.01.5 - Format String // source: https://www.securityfocus.com/bid/8071/info It has been reported that ezbounce is affected by a format string vulnerability. The condition is present in the file "ezbounce/commands.cpp" and can be triggered when session support is enabled. To exploit thi...

Exploits0
Rows per page
Query Builder