CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

71 matches found

RedhatCVE•added 2026/01/09 12:40 p.m.•6 views

CVE-2023-43502

A cross-site request forgery CSRF vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to delete Failure Causes...

4.3CVSS6.7AI score0.00339EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:31 a.m.•9 views

CVE-2019-16554

A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular expression...

4.3CVSS6.5AI score0.00817EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:30 a.m.•7 views

CVE-2019-16555

A user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way that wasn't interruptible, allowing attackers to have Jenkins evaluate a regular expression without the ability to interrupt this process...

6.5CVSS6.6AI score0.01076EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2013-6199

Malware in sbrugna...

3.5CVSS6.4AI score0.00967EPSS

Exploits0References7

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-2490

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00691EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2022-5752

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00817EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-2425

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00504EPSS

Exploits0References4

Github Security Blog•added 2023/09/20 6:30 p.m.•37 views

Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability

Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not perform a permission check in a connection test HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password. Additionally, th...

8.8CVSS6.6AI score0.00406EPSS

Exploits0References4Affected Software1

Github Security Blog•added 2023/09/20 6:30 p.m.•30 views

Jenkins Build Failure Analyzer Plugin missing permission check

6.5CVSS6.6AI score0.00504EPSS

Exploits0References5Affected Software1

Github Security Blog•added 2023/09/20 6:30 p.m.•23 views

Jenkins Build Failure Analyzer Plugin Cross-site Scripting vulnerability

Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not escape Failure Cause names in build logs. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to create or update Failure Causes. Build Failure Analyzer Plugin 2.4.2 escapes Failure Cause...

5.4CVSS5.6AI score0.00521EPSS

Exploits0References4Affected Software1

OSV•added 2023/09/20 6:30 p.m.•28 views

GHSA-55Q6-R3HM-7FF4 Jenkins Build Failure Analyzer Plugin missing permission check

4.3CVSS6.6AI score0.00504EPSS

Exploits0References4

OSV•added 2023/09/20 6:30 p.m.•35 views

GHSA-58RQ-69JP-XC23 Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability

4.3CVSS8.7AI score0.00406EPSS

Exploits0References3

OSV•added 2023/09/20 6:30 p.m.•29 views

GHSA-262F-77Q5-RQV6 Jenkins Build Failure Analyzer Plugin Cross-site Scripting vulnerability

8CVSS5.4AI score0.00521EPSS

Exploits0References3

OSV•added 2023/09/20 6:30 p.m.•21 views

GHSA-2WWH-QGH8-W9XW Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability

Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not require POST requests for an HTTP endpoint, resulting in cross-site request forgery CSRF vulnerabilities. This vulnerability allows attackers to delete Failure Causes. Build Failure Analyzer Plugin 2.4.2 requires POST requests for t...

4.3CVSS4.8AI score0.00339EPSS

Exploits0References4

NVD•added 2023/09/20 5:15 p.m.•29 views

CVE-2023-43501

A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password...

6.5CVSS6.9AI score0.00504EPSS

Exploits0References2

NVD•added 2023/09/20 5:15 p.m.•26 views

CVE-2023-43500

A cross-site request forgery CSRF vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password...

8.8CVSS8.8AI score0.00406EPSS

Exploits0References2

OSV•added 2023/09/20 5:15 p.m.•26 views

CVE-2023-43502

A cross-site request forgery CSRF vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to delete Failure Causes...

4.3CVSS7AI score

Exploits0References2

NVD•added 2023/09/20 5:15 p.m.•20 views

CVE-2023-43499

Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not escape Failure Cause names in build logs, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to create or update Failure Causes...

5.4CVSS5.8AI score0.00521EPSS

Exploits0References2

Prion•added 2023/09/20 5:15 p.m.•22 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to delete Failure Causes...

4.3CVSS4.6AI score0.00339EPSS

Exploits0References2Affected Software1

Prion•added 2023/09/20 5:15 p.m.•22 views

Cross site request forgery (csrf)

6.8CVSS8.7AI score0.00406EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by