Lucene search
K

106 matches found

OSV
OSV
added 2026/05/06 12:39 a.m.6 views

OPENSUSE-SU-2026:20686-1 Security update for distribution

This update for distribution fixes the following issues Security issues: - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260283. - CVE-2026-33540: information disclosure via improper validation of authentication real...

9.1CVSS7AI score0.01557EPSS
Exploits3References9
RedhatCVE
RedhatCVE
added 2026/01/09 12:42 p.m.10 views

CVE-2023-25768

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server...

6.5CVSS6.5AI score0.00639EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:41 p.m.10 views

CVE-2023-25766

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS6.3AI score0.00511EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:41 p.m.25 views

CVE-2023-25767

A cross-site request forgery CSRF vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server...

8.8CVSS6.7AI score0.00455EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.17 views

EUVD-2018-15614

Malware in sbrugna...

8.1CVSS7.2AI score0.01014EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-0655

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00511EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-0794

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00455EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-0767

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00639EPSS
Exploits0References5
OSV
OSV
added 2025/01/22 6:31 p.m.10 views

GHSA-GP8P-49GR-JV8J Missing permission checks in Jenkins Azure Service Fabric Plugin

The Jenkins Azure Service Fabric Plugin 1.6 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins. Those can be used as part of an attack to capture the...

4.3CVSS4.8AI score0.00288EPSS
Exploits0References3
OSV
OSV
added 2025/01/22 5:15 p.m.3 views

CVE-2025-24403

A missing permission check in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins...

4.3CVSS5.8AI score0.00288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/22 5:2 p.m.9 views

CVE-2025-24403

A missing permission check in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins...

6.5AI score0.00288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.5 views

PT-2025-5361 · Jenkins · Jenkins Azure Service Fabric Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Azure Service Fabric Plugin versions 1.6 and earlier Description: A missing permission check in the Jenkins Azure Service Fabric Plugin allows attackers with Overall/Read permission to enumerate the IDs of Azure credentials stored in...

4.3CVSS6.5AI score0.00288EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/11/09 12:0 a.m.6 views

The vulnerability of the Jenkins Azure credentials management plugin, related to the manipulation of cross-site requests, allows a attacker to perform a CSRF attack.

The vulnerability of the Jenkins Azure credentials management plugin is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack remotely...

10CVSS7.4AI score0.00455EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2023/02/15 3:30 p.m.3 views

org.jenkins-ci.plugins:azure-acs (>=0.1.0 <=0.2.4), org.jenkins-ci.plugins:azure-app-service (>=0.1 <=0.4.2) +8 more potentially affected by CVE-2023-25766 via org.jenkins-ci.plugins:azure-credentials (>=1.0 <=1.6.1)

org.jenkins-ci.plugins:azure-credentials MAVEN version =1.0, =0.1.0, =0.1, =0.3.0, =0.6.0, =3.0.0, =0.1.0, =1.0.0, =0.4.8, =0.1.0, =1.3, =1.5 Source cves: CVE-2023-25766 Source advisory: OSV:GHSA-7J55-28QQ-676G...

4.3CVSS5.8AI score0.00511EPSS
Exploits0
OSV
OSV
added 2023/02/15 3:30 p.m.25 views

GHSA-RR93-7C6X-8V4V Cross-Site Request Forgery in Jenkins Azure Credentials Plugin

A cross-site request forgery CSRF vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server...

8.8CVSS8.7AI score0.00455EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2023/02/15 3:30 p.m.8 views

org.jenkins-ci.plugins:azure-acs (>=0.1.0 <=0.2.4), org.jenkins-ci.plugins:azure-app-service (>=0.1 <=0.4.2) +8 more potentially affected by CVE-2023-25768 via org.jenkins-ci.plugins:azure-credentials (>=1.0 <=1.6.1)

org.jenkins-ci.plugins:azure-credentials MAVEN version =1.0, =0.1.0, =0.1, =0.3.0, =0.6.0, =3.0.0, =0.1.0, =1.0.0, =0.4.8, =0.1.0, =1.3, =1.5 Source cves: CVE-2023-25768 Source advisory: OSV:GHSA-PX2R-CMR2-PHW7...

6.5CVSS6.5AI score0.00639EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/02/15 3:30 p.m.4 views

org.jenkins-ci.plugins:azure-acs (>=0.1.0 <=0.2.4), org.jenkins-ci.plugins:azure-app-service (>=0.1 <=0.4.2) +8 more potentially affected by CVE-2023-25767 via org.jenkins-ci.plugins:azure-credentials (>=1.0 <=1.6.1)

org.jenkins-ci.plugins:azure-credentials MAVEN version =1.0, =0.1.0, =0.1, =0.3.0, =0.6.0, =3.0.0, =0.1.0, =1.0.0, =0.4.8, =0.1.0, =1.3, =1.5 Source cves: CVE-2023-25767 Source advisory: OSV:GHSA-RR93-7C6X-8V4V...

8.8CVSS7.2AI score0.00455EPSS
Exploits0
NVD
NVD
added 2023/02/15 2:15 p.m.43 views

CVE-2023-25767

A cross-site request forgery CSRF vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server...

8.8CVSS8.8AI score0.00455EPSS
Exploits0References2
NVD
NVD
added 2023/02/15 2:15 p.m.35 views

CVE-2023-25768

A missing permission check in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server...

6.5CVSS6.3AI score0.00639EPSS
Exploits0References2
OSV
OSV
added 2023/02/15 2:15 p.m.5 views

CVE-2023-25767

A cross-site request forgery CSRF vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connect to an attacker-specified web server...

8.8CVSS7.2AI score0.00455EPSS
Exploits0References2
Rows per page
Query Builder