Lucene search
K

50 matches found

vulnersOsv
vulnersOsv
added 2025/05/16 6:30 a.m.8 views

@adpt/testutils (>=0.1.0-next.1 <=0.4.0-next.6), @lavamoat/git-safe-dependencies (>=0.1.1 <=0.2.1) +6 more potentially affected by CVE-2025-4759 via lockfile-lint-api (>=1.0.7 <=5.9.1)

lockfile-lint-api NPM version =1.0.7, =0.1.0-next.1, =0.1.1, =1.0.0, =4.3.1-test1, =1.3.0, =1.0.1, =4.2.2, =4.3.1, =4.7.0 Source cves: CVE-2025-4759 Source advisory: OSV:GHSA-7CFR-5CJF-32P4...

8.3CVSS5.8AI score0.00352EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/04/17 12:0 a.m.58 views

GraphQLer: Enhancing GraphQL Security with Context-Aware API Testing

GraphQL is an open-source data query and manipulation language for web applications, offering a flexible alternative to RESTful APIs. However, its dynamic execution model and lack of built-in security mechanisms expose it to vulnerabilities such as unauthorized data access, denial-of-service DoS...

7.2AI score
Exploits0
Fedora
Fedora
added 2024/05/26 1:28 a.m.12 views

[SECURITY] Fedora 40 Update: rust-cargo-deny-0.14.21-2.fc40

Cargo plugin to help you manage large dependency graphs...

7.3AI score
Exploits0
vulnersOsv
vulnersOsv
added 2024/04/16 6:30 a.m.12 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +36874 more potentially affected by CVE-2024-22262 via org.springframework:spring-web (>=1.2.1 <=5.3.33)

org.springframework:spring-web MAVEN version =1.2.1, =1.1, =0.0.1, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.2.0 and more Source cves: CVE-2024-22262 Source advisory: OSV:GHSA-2WRP-6FG6-HMC5...

8.1CVSS6.7AI score0.01191EPSS
Exploits2
SUSE CVE
SUSE CVE
added 2023/02/15 5:11 a.m.4 views

SUSE CVE-2015-8508

Cross-site scripting XSS vulnerability in showdependencygraph.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2, when a local dot configuration is used, allows remote attackers to inject arbitrary web script or HTML via a crafted bug...

4.7CVSS5.8AI score0.01476EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.6 views

SUSE CVE-2017-1000388

Jenkins Dependency Graph Viewer plugin 0.12 and earlier did not perform permission checks for the API endpoint that modifies the dependency graph, allowing anyone with Overall/Read permission to modify this data...

4.3CVSS4.8AI score0.0063EPSS
Exploits0References3
OSV
OSV
added 2022/05/24 4:50 p.m.21 views

GHSA-4WJ7-RH5H-5QMR Jenkins Dependency Graph Viewer Plugin contains Cross-site Scripting

A stored cross site scripting vulnerability in Jenkins Dependency Graph Viewer Plugin 0.13 and earlier allowed attackers able to configure jobs in Jenkins to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins...

5.4CVSS5AI score0.03885EPSS
Exploits5References7
Github Security Blog
Github Security Blog
added 2022/05/24 4:50 p.m.38 views

Jenkins Dependency Graph Viewer Plugin contains Cross-site Scripting

A stored cross site scripting vulnerability in Jenkins Dependency Graph Viewer Plugin 0.13 and earlier allowed attackers able to configure jobs in Jenkins to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins...

5.4CVSS2.1AI score0.03885EPSS
Exploits5References7Affected Software1
OSV
OSV
added 2022/05/13 1:18 a.m.20 views

GHSA-VHH3-MVC4-HHQ6 Jenkins Dependency Graph Viewer plugin vulnerable to missing permission checks

Jenkins Dependency Graph Viewer plugin 0.12 and earlier did not perform permission checks for the API endpoint that modifies the dependency graph, allowing anyone with Overall/Read permission to modify this data...

4.3CVSS4.5AI score0.0063EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/05/13 1:18 a.m.18 views

Jenkins Dependency Graph Viewer plugin vulnerable to missing permission checks

Jenkins Dependency Graph Viewer plugin 0.12 and earlier did not perform permission checks for the API endpoint that modifies the dependency graph, allowing anyone with Overall/Read permission to modify this data...

4.3CVSS6.7AI score0.0063EPSS
Exploits0References3Affected Software1
Kitploit
Kitploit
added 2022/01/28 8:30 p.m.20 views

Mininode - A CLI Tool To Reduce The Attack Surface Of The Node.js Applications By Using Static Analysis

Mininode is a CLI tool to reduce the attack surface of the Node.js applications by using static analysis of source code. It supports two modes of reduction 1 coarse, 2 fine. Mininode constructs the dependency graph modules and functions used of the application starting from main file, i.e. entry...

6.9AI score
Exploits0References1
The Hacker News
The Hacker News
added 2022/01/04 2:32 p.m.26 views

SAILFISH System to Find State-Inconsistency Bugs in Smart Contracts

A group of academics from the University of California, Santa Barbara, has demonstrated what it calls a "scalable technique" to vet smart contracts and mitigate state-inconsistency bugs, discovering 47 zero-day vulnerabilities on the Ethereum blockchain in the process. Smart contracts are program...

1.7AI score
Exploits0
CNVD
CNVD
added 2019/09/17 12:0 a.m.5 views

CloudBees Jenkins Beaker Builder Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Dependency Graph Viewer Plugin is used in...

5.5CVSS6.3AI score0.00291EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/25 12:0 a.m.2 views

CloudBees Jenkins Unauthorized Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Dependency Graph Viewer Plugin is used in...

6.2AI score
Exploits0References1
Packet Storm
Packet Storm
added 2019/07/12 12:0 a.m.295 views

Jenkins Dependency Graph View 0.13 Cross Site Scripting

Exploit Title: Persistent XSS - Dependency Graph View Pluginv0.13 Vendor Homepage: https://wiki.jenkins.io/display/JENKINS/Dependency+Graph+View+Plugin Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps Platform:...

5.5AI score0.03885EPSS
Exploits5
CNVD
CNVD
added 2019/07/12 12:0 a.m.4 views

CloudBees Jenkins Dependency Graph Viewer plugin cross-site scripting vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Dependency Graph Viewer Plugin is used in...

5.4CVSS6.4AI score0.03885EPSS
Exploits5References1
0day.today
0day.today
added 2019/07/12 12:0 a.m.58 views

Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting Vulnerability

Exploit for java platform in category web applications Exploit Title: Persistent XSS - Dependency Graph View Pluginv0.13 Vendor Homepage: https://wiki.jenkins.io/display/JENKINS/Dependency+Graph+View+Plugin Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website:...

3.5CVSS5.5AI score0.03885EPSS
Exploits5
exploitpack
exploitpack
added 2019/07/12 12:0 a.m.83 views

Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting

Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting Exploit Title: Persistent XSS - Dependency Graph View Pluginv0.13 Vendor Homepage: https://wiki.jenkins.io/display/JENKINS/Dependency+Graph+View+Plugin Exploit Author: Ishaq Mohammed Contact:...

3.5CVSS5.3AI score0.03885EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.279 views

Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting

Exploit Title: Persistent XSS - Dependency Graph View Pluginv0.13 Vendor Homepage: https://wiki.jenkins.io/display/JENKINS/Dependency+Graph+View+Plugin Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps Platform:...

5.4CVSS5.8AI score0.03885EPSS
Exploits5
NVD
NVD
added 2019/07/11 2:15 p.m.35 views

CVE-2019-10349

A stored cross site scripting vulnerability in Jenkins Dependency Graph Viewer Plugin 0.13 and earlier allowed attackers able to configure jobs in Jenkins to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins...

5.4CVSS5.2AI score0.03885EPSS
Exploits5References4
Rows per page
Query Builder