Lucene search
K

14 matches found

CVE
CVE
added 2026/05/27 2:13 p.m.25 views

CVE-2026-48918

Technical details about CVE-2026-48918 are not publicly available in the provided documents; monitor for updates from official advisories (e.g., Jenkins security notices) for new information.

6.6CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:54 a.m.7 views

CVE-2022-23105

Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations...

6.5CVSS6.7AI score0.00449EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.34 views

EUVD-2023-2055

Malicious code in bioql PyPI...

5.9CVSS5.8AI score0.00384EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-5159

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.01325EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-0561

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00449EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3291

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.0168EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-4902

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00668EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 4:30 p.m.16 views

CVE-2020-2300

Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which allows attackers to log in to Jenkins as any user depending on the configuration of the Active Directory server...

9.8CVSS6.8AI score0.01652EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:8 p.m.8 views

CVE-2020-2299

Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user if a magic constant is used as the password...

9.8CVSS6.6AI score0.01325EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:0 p.m.8 views

CVE-2020-2302

A missing permission check in Jenkins Active Directory Plugin 2.19 and earlier allows attackers with Overall/Read permission to access the domain health check diagnostic page...

4.3CVSS6.6AI score0.00668EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:20 p.m.10 views

CVE-2020-2301

Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user with any password while a successful authentication of that user is still in the optional cache when using Windows/ADSI mode...

9.8CVSS7AI score0.0168EPSS
Exploits0
Veracode
Veracode
added 2023/07/18 3:28 a.m.29 views

Information Disclosure

Jenkins Active Directory Plugin is vulnerable to Information Disclosure. The vulnerability exists when it ignores the "Require TLS" and "StartTls" options and performs connection test without unencrypted which allows an attacker to gain access to sensitive information in the system...

5.9CVSS6.6AI score0.00384EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/01/12 7:6 p.m.16 views

CVE-2022-23105

Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations...

7.7AI score0.00449EPSS
Exploits0References2
Prion
Prion
added 2019/02/06 4:29 p.m.23 views

Input validation

An improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and earlier in src/main/java/hudson/plugins/activedirectory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/activedirectory/ActiveDirectorySecurityRealm.java,...

5.8CVSS7.5AI score0.00778EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder