Lucene search
+L

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:24 a.m.11 views

CVE-2019-10446

Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM...

8.2CVSS6.8AI score0.00993EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/16 9:20 p.m.21 views

CVE-2025-47886

A cross-site request forgery CSRF vulnerability in Jenkins Cadence vManager Plugin 4.0.1-286.v9e25a740ba48 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password...

4.3CVSS6.8AI score0.00224EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/05/14 8:35 p.m.5 views

CVE-2025-47887

Missing permission checks in Jenkins Cadence vManager Plugin 4.0.1-286.v9e25a740ba48 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password...

4.3CVSS7AI score0.00292EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/14 8:35 p.m.9 views

CVE-2025-47886

A cross-site request forgery CSRF vulnerability in Jenkins Cadence vManager Plugin 4.0.1-286.v9e25a740ba48 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password...

6.8AI score0.00224EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/02 12:0 a.m.6 views

Jenkins plugin Cadence vManager 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

4.3CVSS6.4AI score0.00302EPSS
Exploits0References3
NVD
NVD
added 2020/09/01 2:15 p.m.20 views

CVE-2020-2243

Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Run/Update permission...

5.4CVSS5.3AI score0.00753EPSS
Exploits0References2
Prion
Prion
added 2020/09/01 2:15 p.m.15 views

Cross site scripting

Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Run/Update permission...

3.5CVSS5.3AI score0.00753EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/01 1:50 p.m.25 views

CVE-2020-2243

Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Run/Update permission...

5.3AI score0.00753EPSS
Exploits0References2
Prion
Prion
added 2019/10/16 2:15 p.m.9 views

Design/Logic Flaw

Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM...

6.4CVSS8.2AI score0.00993EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder