CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-6335

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00129EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-6350

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00158EPSS

Exploits0References5

RedhatCVE•added 2025/05/22 11:13 p.m.•2 views

CVE-2022-36911

A cross-site request forgery CSRF vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL...

6.5CVSS6.5AI score0.00129EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:11 p.m.•8 views

CVE-2022-36912

A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

4.3CVSS6.6AI score0.00158EPSS

Exploits0References1

Github Security Blog•added 2022/07/28 12:0 a.m.•30 views

Jenkins Openstack Heat Plugin does not perform permission checks in methods implementing form validation

Jenkins openstack-heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. A sequence of requests...

4.3CVSS4.9AI score0.00064EPSS

Exploits0References5Affected Software1

NVD•added 2022/07/27 3:15 p.m.•8 views

CVE-2022-36913

Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...

4.3CVSS0.00064EPSS

Exploits0References2

ATTACKERKB•added 2022/07/27 3:15 p.m.•4 views

CVE-2022-36913

4.3CVSS5.8AI score0.00064EPSS

Exploits0References4

OSV•added 2022/07/27 3:15 p.m.•0 views

CVE-2022-36913

4.3CVSS5.8AI score

Exploits0References2

NVD•added 2022/07/27 3:15 p.m.•11 views

CVE-2022-36911

A cross-site request forgery CSRF vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL...

6.5CVSS0.00129EPSS

Exploits0References2

OSV•added 2022/07/27 3:15 p.m.•2 views

CVE-2022-36911

A cross-site request forgery CSRF vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL...

6.5CVSS5.7AI score

Exploits0References2

ATTACKERKB•added 2022/07/27 3:15 p.m.•4 views

CVE-2022-36911

A cross-site request forgery CSRF vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL...

6.5CVSS5.6AI score0.00129EPSS

Exploits0References4

Prion•added 2022/07/27 3:15 p.m.•8 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL...

4.3CVSS6.4AI score0.00129EPSS

Exploits0References2Affected Software1

Prion•added 2022/07/27 3:15 p.m.•13 views

Design/Logic Flaw

A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

4CVSS4.4AI score0.00158EPSS

Exploits0References2Affected Software1

Prion•added 2022/07/27 3:15 p.m.•9 views

Design/Logic Flaw

4CVSS4.5AI score0.00064EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/07/27 2:27 p.m.•12 views

CVE-2022-36913

5.2AI score0.00064EPSS

Exploits0References2

CVE•added 2022/07/27 2:27 p.m.•87 views

CVE-2022-36913

The CVE-2022-36913 entry concerns Jenkins Openstack Heat Plugin versions 1.5 and earlier, which do not perform permission checks in methods implementing form validation. The underlying issue enables attackers with Overall/Read permission to check for the existence of an attacker-specified file pa...

4.3CVSS4.5AI score0.00064EPSS

Exploits0References2Affected Software1

CVE•added 2022/07/27 2:27 p.m.•89 views

CVE-2022-36912

Affected software: Jenkins Openstack Heat Plugin (versions 1.5 and earlier). Root cause: missing permission check in methods implementing form validation. Impact: attackers with Overall/Read permissions can connect to an attacker-specified URL (no other impact described). Status/mitigation: no ex...

4.3CVSS4.4AI score0.00158EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2022/07/27 2:27 p.m.•9 views

CVE-2022-36912

A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

6.6AI score0.00158EPSS

Exploits0References2

Cvelist•added 2022/07/27 2:27 p.m.•10 views

CVE-2022-36911

A cross-site request forgery CSRF vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL...

7AI score0.00129EPSS

Exploits0References2

CVE•added 2022/07/27 2:27 p.m.•87 views

CVE-2022-36911

Consolidated details show a CSRF vulnerability in Jenkins Openstack Heat Plugin (version 1.5 and earlier). The underlying issue is lack of permission checks in methods implementing form validation, which do not require POST requests, enabling an attacker to trigger connections to an attacker-spec...

6.5CVSS6.4AI score0.00129EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by