Lucene search
K

545 matches found

Cvelist
Cvelist
added 2025/07/09 3:39 p.m.9 views

CVE-2025-53675

Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

0.00291EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.4 views

CVE-2025-53675

Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

7AI score0.00291EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.5 views

CVE-2025-53670

Jenkins Nouvola DiveCloud Plugin 1.08 and earlier stores DiveCloud API Keys and Credentials Encryption Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

7AI score0.0013EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.4 views

CVE-2025-53666

Jenkins Dead Man's Snitch Plugin 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

7AI score0.00205EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.4 views

CVE-2025-53664

Jenkins Apica Loadtest Plugin 1.10 and earlier stores Apica Loadtest LTP authentication tokens unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

7.2AI score0.00314EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/09 3:39 p.m.8 views

CVE-2025-53664

Jenkins Apica Loadtest Plugin 1.10 and earlier stores Apica Loadtest LTP authentication tokens unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

0.00314EPSS
Exploits0References1
CVE
CVE
added 2025/07/09 3:39 p.m.26 views

CVE-2025-53664

CVE-2025-53664 – Jenkins Apica Loadtest Plugin : The vulnerability affects Jenkins with Apica Loadtest Plugin versions 1.10 and earlier. It stores Apica Loadtest LTP authentication tokens unencrypted in job config.xml files on the Jenkins controller, making tokens viewable by users with Item/Exte...

6.5CVSS6.7AI score0.00314EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/07/09 3:39 p.m.9 views

CVE-2025-53659

Jenkins QMetry Test Management Plugin 1.13 and earlier stores Qmetry Automation API Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

0.00201EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/09 3:39 p.m.10 views

CVE-2025-53656

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file...

0.00347EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.3 views

CVE-2025-53653

Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

7AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2025/07/09 3:39 p.m.28 views

CVE-2025-53653

CVE-2025-53653 affects Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier. The vulnerability arises from unencrypted storage of Aqua API Scanner Tokens in job config.xml files on the Jenkins controller, making tokens viewable by users with Item/Extended Read permission or anyone with access t...

4.3CVSS6.5AI score0.00191EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/09 12:0 a.m.3 views

PT-2025-28920 · Jenkins · Jenkins Vaddy Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins VAddy Plugin versions prior to 1.2.9 Description: The Jenkins VAddy Plugin stores VAddy API Auth Keys unencrypted in job config.xml files on the Jenkins controller. These keys are accessible to users with Item/Extended Read permission...

6.8CVSS6.1AI score0.00203EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/07/09 12:0 a.m.21 views

PT-2025-28914 · Jenkins · Jenkins Ifttt Build Notifier Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins IFTTT Build Notifier Plugin versions 1.2 and earlier Description: The Jenkins IFTTT Build Notifier Plugin stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller. These keys can be viewed by users...

6.8CVSS6.1AI score0.00281EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/07/09 12:0 a.m.3 views

PT-2025-28927 · Jenkins · Jenkins Warrior Framework Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Warrior Framework Plugin versions 1.2 and earlier Description: The Jenkins Warrior Framework Plugin stores passwords unencrypted in job config.xml files on the Jenkins controller. This allows users with Item/Extended Read permission o...

6.8CVSS6AI score0.00291EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/07/04 2:40 p.m.3 views

SUSE CVE-2025-30167

Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...

7.3CVSS6.8AI score0.00153EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.3 views

Keyoti SearchUnit 安全漏洞

Keyoti SearchUnit is a web search engine from Keyoti Canada. A security vulnerability exists in Keyoti SearchUnit versions prior to 9.0.0, which stems from a server-side request forgery issue that could result in configuration and log files being read or written...

5.4CVSS6.4AI score0.00208EPSS
Exploits0References3
Snyk
Snyk
added 2025/06/03 5:43 p.m.4 views

Uncontrolled Search Path Element

Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to the shared %PROGRAMDATA% directory being searched for configuration files. An attacker can introduce unintended behavior and affect other users by creating malicious configuration files in the...

7.3CVSS6.9AI score0.00153EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:29 a.m.14 views

CVE-2023-50776

Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier stores PaaSLane authentication tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

4.3CVSS6.9AI score0.00339EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:51 a.m.12 views

CVE-2023-32982

Jenkins Ansible Plugin 204.v8191fd551ebf and earlier stores extra variables unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

4.3CVSS6.6AI score0.00377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:55 a.m.7 views

CVE-2023-24450

Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

6.5CVSS6.7AI score0.006EPSS
Exploits0References1
Rows per page
Query Builder