Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2021-1334

Malware in sbrugna...

4.3CVSS4.6AI score0.01301EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-5191

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00636EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3741

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00615EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 7:11 p.m.9 views

CVE-2021-21654

Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password...

4.3CVSS6.7AI score0.01301EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:19 p.m.11 views

CVE-2021-21655

A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...

7.1CVSS6.8AI score0.00522EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:9 p.m.18 views

CVE-2020-2142

A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...

4.3CVSS6.6AI score0.00615EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:18 p.m.12 views

CVE-2020-2141

A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...

4.3CVSS6.7AI score0.00636EPSS
Exploits0
OSV
OSV
added 2022/03/18 5:53 p.m.25 views

GHSA-3RJ3-QP2J-4FJ2 Cross-Site Request Forgery in Jenkins P4 Plugin

A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password. Jenkins P4 Plugin 1.11.5 requires POST requests for the affected HTTP endpoints...

7.1CVSS6.8AI score0.00522EPSS
Exploits0References4
NVD
NVD
added 2021/05/11 3:15 p.m.15 views

CVE-2021-21655

A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...

7.1CVSS0.00522EPSS
Exploits0References1
OSV
OSV
added 2021/05/11 3:15 p.m.3 views

CVE-2021-21654

Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password...

4.3CVSS5.8AI score0.01301EPSS
Exploits0References1
Prion
Prion
added 2021/05/11 3:15 p.m.19 views

Default credentials

Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password...

4CVSS4.5AI score0.01301EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/05/11 2:15 p.m.18 views

CVE-2021-21655

A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...

7.1AI score0.00522EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/11 12:0 a.m.4 views

Jenkins 跨站请求伪造漏洞

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site request forgery...

7.1CVSS5.7AI score0.00522EPSS
Exploits0References4
OSV
OSV
added 2020/03/09 4:15 p.m.5 views

CVE-2020-2142

A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...

4.3CVSS5.8AI score0.00615EPSS
Exploits0References2
Prion
Prion
added 2020/03/09 4:15 p.m.13 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...

4.3CVSS4.5AI score0.00636EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/03/09 4:15 p.m.12 views

Information disclosure

A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...

4CVSS4.4AI score0.00615EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/03/09 3:0 p.m.72 views

CVE-2020-2141

Jenkins P4 Plugin ≤1.10.10 is affected by a cross-site request forgery vulnerability that lets an attacker trigger builds or add labels in Perforce. Root cause: the web app does not adequately validate request origin. Impact: CSRF with I=Low, UI interaction required; no confidentiality or availab...

4.3CVSS4.5AI score0.00636EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/03/09 3:0 p.m.14 views

CVE-2020-2141

A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...

4.5AI score0.00636EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/03/09 12:0 a.m.6 views

PT-2020-15353 · Jenkins · Jenkins P4 Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.10.10 and earlier Description: A missing permission check in the Jenkins P4 Plugin allows attackers with Overall/Read permission to trigger builds or add labels in the Perforce repository. Recommendations: For...

4.3CVSS4.4AI score0.00615EPSS
Exploits0References6
Rows per page
Query Builder