CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

58 matches found

RedhatCVE•added 2025/10/30 2:13 p.m.•3 views

CVE-2025-64136

A cross-site request forgery CSRF vulnerability in Jenkins Themis Plugin 1.4.1 and earlier allows attackers to connect to an attacker-specified HTTP server...

4.3CVSS6.7AI score0.00024EPSS

Exploits0References1

NVD•added 2025/10/29 2:15 p.m.•2 views

CVE-2025-64136

A cross-site request forgery CSRF vulnerability in Jenkins Themis Plugin 1.4.1 and earlier allows attackers to connect to an attacker-specified HTTP server...

4.3CVSS0.00024EPSS

Exploits0References2

OSV•added 2025/10/29 2:15 p.m.•2 views

CVE-2025-64136

A cross-site request forgery CSRF vulnerability in Jenkins Themis Plugin 1.4.1 and earlier allows attackers to connect to an attacker-specified HTTP server...

4.3CVSS5.7AI score0.00024EPSS

Exploits0References2

CVE•added 2025/10/29 1:29 p.m.•7 views

CVE-2025-64136

The vulnerability CVE-2025-64136 affects Jenkins Themis Plugin versions 1.4.1 and earlier. Root cause: a cross-site request forgery (CSRF) flaw due to lack of permission checks in an HTTP endpoint, allowing an attacker with Overall/Read permission to trigger requests to an attacker-specified URL/...

4.3CVSS6.4AI score0.00024EPSS

Exploits0References2Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-3369

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00069EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-6687

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00072EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-2837

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00045EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-5671

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.0003EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-5810

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00528EPSS

Exploits0References4

RedhatCVE•added 2025/05/22 11:28 p.m.•5 views

CVE-2022-41253

A cross-site request forgery CSRF vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS6.6AI score0.00072EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:28 p.m.•5 views

CVE-2022-41254

Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS6.5AI score0.00547EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:5 p.m.•4 views

CVE-2022-34780

A cross-site request forgery CSRF vulnerability in Jenkins XebiaLabs XL Release Plugin 22.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS6.6AI score0.00083EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:7 a.m.•7 views

CVE-2019-1003081

A missing permission check in Jenkins OpenShift Deployer Plugin in the DeployApplication.DeployApplicationDescriptordoCheckLogin form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.5AI score0.00069EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:40 a.m.•5 views

CVE-2019-1003058

A cross-site request forgery vulnerability in Jenkins FTP publisher Plugin in the FTPPublisher.DescriptorImpldoLoginCheck method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.6AI score0.00423EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:1 a.m.•5 views

CVE-2019-1003093

A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpldoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.5AI score0.00069EPSS

Exploits0References1

RedHat Linux•added 2023/02/08 6:41 p.m.•3 views

plugin: missing permission checks in Blue Ocean Plugin

Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server...

6.5CVSS5.8AI score0.00052EPSS

Exploits0References5

RedHat Linux•added 2023/01/12 4:49 p.m.•2 views

plugin: CSRF vulnerability in Blue Ocean Plugin

A cross-site request forgery CSRF vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server...

6.5CVSS5.7AI score0.00113EPSS

Exploits0References5

OSV•added 2022/06/23 5:15 p.m.•0 views

CVE-2022-34203

A cross-site request forgery CSRF vulnerability in Jenkins EasyQA Plugin 1.0 and earlier allows attackers to connect to an attacker-specified HTTP server...

8.8CVSS5.7AI score

Exploits0References1

ATTACKERKB•added 2022/05/17 3:15 p.m.•1 views

CVE-2022-30954

Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server...

6.5CVSS6.6AI score0.00052EPSS

Exploits0References3

Github Security Blog•added 2022/05/13 1:31 a.m.•16 views

CSRF vulnerability in jenkins-reviewbot Plugin

A cross-site request forgery vulnerability in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptordoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.6AI score0.00128EPSS

Exploits0References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by