Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

40 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-6687

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00072EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-6890

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00396EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-6728

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00547EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/05/22 11:28 p.m.3 views

CVE-2022-41255

Jenkins CONS3RT Plugin 1.0.0 and earlier stores Cons3rt API token unencrypted in job config.xml files on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...

6.5CVSS6.3AI score0.00349EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 11:28 p.m.5 views

CVE-2022-41253

A cross-site request forgery CSRF vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS6.6AI score0.00072EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 11:28 p.m.1 views

CVE-2022-41252

Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allows users with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS4.7AI score0.00396EPSS
Exploits0References1
OSV
OSVadded 2022/09/22 12:0 a.m.19 views

GHSA-FMQ9-R4P2-8272 API token stored in plain text by Jenkins CONS3RT Plugin

Jenkins CONS3RT Plugin 1.0.0 and earlier stores Cons3rt API token unencrypted in job config.xml files on the Jenkins controller as part of its configuration. This API token can be viewed by users with access to the Jenkins controller file system...

3.3CVSS6.6AI score0.00349EPSS
Exploits0References4
OSV
OSVadded 2022/09/22 12:0 a.m.20 views

GHSA-48Q3-5297-WMMX CSRF vulnerability in Jenkins CONS3RT Plugin allow capturing credentials

CONS3RT Plugin 1.0.0 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing...

5.4CVSS8.7AI score0.00072EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2022/09/22 12:0 a.m.14 views

Missing permission checks in Jenkins CONS3RT Plugin allow capturing credentials

CONS3RT Plugin 1.0.0 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing...

6.5CVSS6.9AI score0.00547EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2022/09/22 12:0 a.m.14 views

GHSA-74X9-FHC2-P79F Missing permission checks in Jenkins CONS3RT Plugin allow capturing credentials

CONS3RT Plugin 1.0.0 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing...

5.4CVSS6.7AI score0.00547EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2022/09/22 12:0 a.m.22 views

CSRF vulnerability in Jenkins CONS3RT Plugin allow capturing credentials

CONS3RT Plugin 1.0.0 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing...

8.8CVSS8.6AI score0.00072EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2022/09/21 4:15 p.m.13 views

CVE-2022-41255

Jenkins CONS3RT Plugin 1.0.0 and earlier stores Cons3rt API token unencrypted in job config.xml files on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...

6.5CVSS6.4AI score
Exploits0References2
NVD
NVDadded 2022/09/21 4:15 p.m.7 views

CVE-2022-41254

Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS0.00547EPSS
Exploits0References2
OSV
OSVadded 2022/09/21 4:15 p.m.12 views

CVE-2022-41254

Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS6.4AI score
Exploits0References2
NVD
NVDadded 2022/09/21 4:15 p.m.13 views

CVE-2022-41252

Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allows users with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS0.00396EPSS
Exploits0References2
OSV
OSVadded 2022/09/21 4:15 p.m.9 views

CVE-2022-41253

A cross-site request forgery CSRF vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS8.7AI score
Exploits0References2
NVD
NVDadded 2022/09/21 4:15 p.m.11 views

CVE-2022-41253

A cross-site request forgery CSRF vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS0.00072EPSS
Exploits0References2
OSV
OSVadded 2022/09/21 4:15 p.m.10 views

CVE-2022-41252

Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allows users with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS4.5AI score
Exploits0References2
Prion
Prionadded 2022/09/21 4:15 p.m.16 views

Design/Logic Flaw

Missing permission checks in Jenkins CONS3RT Plugin 1.0.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4CVSS6.3AI score0.00547EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2022/09/21 4:15 p.m.14 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.8CVSS8.7AI score0.00072EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder