Lucene search

112 matches found

RedhatCVE
added 2026/03/26 3:16 p.m., 2 views

CVE-2026-33004

Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits: 0, References: 1

Github Security Blog
added 2026/03/18 6:31 p.m., 5 views

Jenkins LoadNinja Plugin does not mask LoadNinja API keys displayed on the job configuration form

Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits: 0, References: 3, Affected Software: 1

ATTACKERKB
added 2026/03/18 3:15 p.m., 3 views

CVE-2026-33004

Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

5.8 AI score, 0.00041 EPSS
Exploits: 0, References: 2

CVE
added 2026/03/18 3:15 p.m., 15 views

CVE-2026-33004

The CVE-2026-33004 issue affects Jenkins LoadNinja Plugin 2.1 and earlier. The vulnerability is that LoadNinja API keys displayed on the job configuration form are not masked, enabling potential observers to see and capture them. Affected component: LoadNinja API key display within the plugin con...

4.3 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits: 0, References: 1, Affected Software: 1

CNNVD
added 2026/03/18 12:0 a.m., 4 views

Jenkins LoadNinja Plugin security vulnerability

The Jenkins LoadNinja Plugin is an open-source plugin developed by Jenkins. The Jenkins LoadNinja Plugin versions 2.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the API keys not being shielded in the configuration form, which may lead to credential leaks...

4.3 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits: 0, References: 1

NVD
added 2026/01/05 2:15 p.m., 1 views

CVE-2025-12513

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring Hosts configuration form modules allows Stored XSS to users with high privileges. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0...

6.8 CVSS, 0.00016 EPSS
Exploits: 0, References: 2

EUVD
added 2026/01/05 1:43 p.m., 2 views

EUVD-2026-0858

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring Hosts configuration form modules allows Stored XSS to users with high privileges. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0...

6.8 CVSS, 5.1 AI score, 0.00016 EPSS
Exploits: 0, References: 2

CNNVD
added 2026/01/05 12:0 a.m., 2 views

Centreon security vulnerability

Centreon is a set of open source system monitoring tools from the French company Centreon. The product provides monitoring capabilities for resources such as networks, systems and applications. A security vulnerability exists in Centreon versions prior to 25.10.2, prior to 24.10.15, and prior to...

6.8 CVSS, 5.7 AI score, 0.00016 EPSS
Exploits: 0, References: 2

OSV
added 2025/12/26 1:15 a.m., 0 views

CVE-2025-15092

A vulnerability was identified in UTT 进取 512W up to 1.7.7-171114. Impacted is the function strcpy of the file /goform/ConfigExceptMSN. Such manipulation of the argument remark leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be us...

9.8 CVSS, 6.3 AI score
Exploits: 0, References: 5

Veracode
added 2025/12/13 4:58 a.m., 4 views

Sensitive Information Exposure

org.jenkins-ci.plugins, curseforge-publisher is vulnerable to sensitive information exposure. The vulnerability is due to improper masking of API keys on the job configuration form, which allows an attacker to observe and capture the exposed credentials...

4.3 CVSS, 5.8 AI score, 0.00021 EPSS
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2025/12/12 11:23 a.m., 6 views

BIT-JENKINS-2025-67638

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3 CVSS, 6.7 AI score, 0.00038 EPSS
Exploits: 0, References: 2

OSV
added 2025/12/10 6:30 p.m., 2 views

GHSA-HXJG-2JVF-H3RX Jenkins's build authorization token is stored and displayed in plain text

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3 CVSS, 5.9 AI score, 0.00038 EPSS
Exploits: 0, References: 4

NVD
added 2025/12/10 5:15 p.m., 7 views

CVE-2025-67638

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3 CVSS, 0.00038 EPSS
Exploits: 0, References: 1

OSV
added 2025/12/10 5:15 p.m., 3 views

CVE-2025-67638

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3 CVSS, 6.7 AI score
Exploits: 0, References: 1

CVE
added 2025/12/10 4:50 p.m., 19 views

CVE-2025-67638

CVE-2025-67638 affects Jenkins 2.540 and earlier, LTS 2.528.2 and earlier. The root cause is that build authorization tokens shown on the job configuration form are not masked, allowing potential observation or capture by an attacker. The CVE is documented in Jenkins security advisory SECURITY-78...

4.3 CVSS, 6.4 AI score, 0.00038 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2025/12/10 4:50 p.m., 24 views

CVE-2025-67638

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

0.00038 EPSS
Exploits: 0, References: 1

AlpineLinux
added 2025/12/10 4:50 p.m., 6 views

CVE-2025-67638

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3 CVSS, 6.9 AI score, 0.00038 EPSS
Exploits: 0, References: 1

EUVD
added 2025/11/23 3:30 p.m., 3 views

EUVD-2025-198570

A vulnerability was determined in D-Link DIR-822K and DWR-M920 1.0020250513164613/1.1.50. Impacted is an unknown function of the file /boafrm/formVpnConfigSetup. Executing manipulation of the argument submit-url can lead to buffer overflow. The attack can be executed remotely. The exploit has bee...

9 CVSS, 8.8 AI score, 0.00266 EPSS
Exploits: 1, References: 8

NVD
added 2025/11/23 1:15 p.m., 1 views

CVE-2025-13551

A vulnerability was identified in D-Link DIR-822K and DWR-M920 1.0020250513164613/1.1.50. The affected element is an unknown function of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. The attack is possible to be carried out remotely. Th...

9 CVSS, 0.00266 EPSS
Exploits: 1, References: 7

RedhatCVE
added 2025/10/30 2:13 p.m., 2 views

CVE-2025-64147

Jenkins Curseforge Publisher Plugin 1.0 does not mask API Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3 CVSS, 6.8 AI score, 0.00021 EPSS
Exploits: 0, References: 1