Lucene search
+L

15 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.13 views

EUVD-2025-20848

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00205EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-20847

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00262EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2025/07/16 12:0 a.m.11 views

The vulnerability of the Dead Man’s Snitch plugin in Jenkins servers, related to the storage of tokens in unencrypted form, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Dead Man’s Snitch plugin in the Jenkins automation server lies in the fact that tokens are stored in an unencrypted form in the config.xml file. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information...

5.3CVSS5.5AI score0.00262EPSS
Exploits0References2Affected Software1
redhatcve
redhatcve
added 2025/07/11 3:42 p.m.14 views

CVE-2025-53667

Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

5.3CVSS7.1AI score0.00262EPSS
Exploits0References1
osv
osv
added 2025/07/09 6:30 p.m.7 views

GHSA-M248-72RH-CPX4 Jenkins Dead Man's Snitch Plugin vulnerability does not mask tokens

Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3CVSS6.2AI score0.00262EPSS
Exploits0References4
github
github
added 2025/07/09 6:30 p.m.10 views

Jenkins Dead Man's Snitch Plugin vulnerability does not mask tokens

Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

5.3CVSS6.3AI score0.00262EPSS
Exploits0References4Affected Software1
nvd
nvd
added 2025/07/09 4:15 p.m.24 views

CVE-2025-53666

Jenkins Dead Man's Snitch Plugin 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

6.5CVSS0.00205EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/07/09 3:39 p.m.3 views

CVE-2025-53667

Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

6.5AI score0.00262EPSS
Exploits0References1
cvelist
cvelist
added 2025/07/09 3:39 p.m.14 views

CVE-2025-53667

Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

0.00262EPSS
Exploits0References1
cve
cve
added 2025/07/09 3:39 p.m.26 views

CVE-2025-53666

CVE-2025-53666 affects Jenkins Dead Man's Snitch Plugin 0.1. The plugin stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller, enabling viewing by users with Item/Extended Read permission or access to the controller filesystem. This is corroborated by multi...

6.5CVSS6.4AI score0.00205EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2025/07/09 3:39 p.m.6 views

CVE-2025-53666

Jenkins Dead Man's Snitch Plugin 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

7AI score0.00205EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/07/09 12:0 a.m.5 views

Jenkins plugin Dead Man s Snitch 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

6.5CVSS6.2AI score0.00205EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/07/09 12:0 a.m.6 views

Jenkins plugin Dead Man s Snitch 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

5.3CVSS6.2AI score0.00262EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/07/09 12:0 a.m.7 views

PT-2025-28918 · Jenkins · Jenkins Dead Man'S Snitch Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Dead Man's Snitch Plugin version 0.1 Description: The Jenkins Dead Man's Snitch Plugin version 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller. This allows users with Item/Extended Rea...

6.8CVSS5.8AI score0.00205EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2025/07/08 12:0 a.m.4 views

PT-2025-28919 · Jenkins · Jenkins Dead Man'S Snitch Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Dead Man's Snitch Plugin version 0.1 Description: The Jenkins Dead Man's Snitch Plugin does not mask Dead Man's Snitch tokens displayed on the job configuration form, potentially allowing attackers to observe and capture them...

5.3CVSS6.2AI score0.00262EPSS
Exploits0References7
Rows per page
Query Builder