Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1414

Malicious code in bioql PyPI...

7.5CVSS6.7AI score0.00642EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-1570

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00523EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2022-1565

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00887EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-1272

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.0079EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 1:6 a.m.9 views

CVE-2022-28144

Jenkins Proxmox Plugin 0.7.0 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified host using attacker-specified username and password perform a connection test, disable SSL/TLS validation for...

7.5CVSS6.4AI score0.0079EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:4 a.m.9 views

CVE-2022-28143

A cross-site request forgery CSRF vulnerability in Jenkins Proxmox Plugin 0.7.0 and earlier allows attackers to connect to an attacker-specified host using attacker-specified username and password perform a connection test, disable SSL/TLS validation for the entire Jenkins controller JVM as part ...

7.5CVSS6.5AI score0.00642EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:40 p.m.8 views

CVE-2022-28142

Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues...

7.5CVSS6.3AI score0.00642EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:40 p.m.6 views

CVE-2022-28141

Jenkins Proxmox Plugin 0.5.0 and earlier stores the Proxmox Datacenter password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...

6.5CVSS6.8AI score0.00887EPSS
Exploits0References1
CNVD
CNVD
added 2022/03/31 12:0 a.m.23 views

Jenkins Proxmox Plugin Cross-Site Request Forgery Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins Proxmox Plugin 0.7.0 and earlier...

6.5CVSS2.2AI score0.00523EPSS
Exploits0References1
OSV
OSV
added 2022/03/30 12:0 a.m.20 views

GHSA-2MGJ-MWVF-MPG5 Missing permission checks in Jenkins Proxmox Plugin

Jenkins Proxmox Plugin 0.7.0 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified host using attacker-specified username and password perform a connection test, disable SSL/TLS validation for...

6.5CVSS6.8AI score0.0079EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/03/29 1:15 p.m.2 views

CVE-2022-28143

A cross-site request forgery CSRF vulnerability in Jenkins Proxmox Plugin 0.7.0 and earlier allows attackers to connect to an attacker-specified host using attacker-specified username and password perform a connection test, disable SSL/TLS validation for the entire Jenkins controller JVM as part ...

7.5CVSS5.8AI score0.00642EPSS
Exploits0References3
NVD
NVD
added 2022/03/29 1:15 p.m.15 views

CVE-2022-28142

Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues...

7.5CVSS0.00642EPSS
Exploits0References2
OSV
OSV
added 2022/03/29 1:15 p.m.23 views

CVE-2022-28143

A cross-site request forgery CSRF vulnerability in Jenkins Proxmox Plugin 0.7.0 and earlier allows attackers to connect to an attacker-specified host using attacker-specified username and password perform a connection test, disable SSL/TLS validation for the entire Jenkins controller JVM as part ...

6.5CVSS7.6AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/03/29 1:15 p.m.4 views

CVE-2022-28142

Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues...

7.5CVSS5.9AI score0.00642EPSS
Exploits0References3
Prion
Prion
added 2022/03/29 1:15 p.m.23 views

Design/Logic Flaw

Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues...

4.3CVSS6.5AI score0.00642EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/03/29 1:15 p.m.23 views

Default credentials

Jenkins Proxmox Plugin 0.7.0 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified host using attacker-specified username and password perform a connection test, disable SSL/TLS validation for...

4CVSS6.5AI score0.0079EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/03/29 1:15 p.m.23 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Proxmox Plugin 0.7.0 and earlier allows attackers to connect to an attacker-specified host using attacker-specified username and password perform a connection test, disable SSL/TLS validation for the entire Jenkins controller JVM as part ...

4CVSS6.6AI score0.00642EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/03/29 12:31 p.m.108 views

CVE-2022-28144

The connected docs confirm CVE-2022-28144 affects Jenkins Proxmox Plugin 0.7.0 and earlier, due to missing permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to initiate a connection test to an attacker‑controlled host using attacker‑supplied username/...

6.5CVSS6.7AI score0.0079EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/03/29 12:30 p.m.26 views

CVE-2022-28143

A cross-site request forgery CSRF vulnerability in Jenkins Proxmox Plugin 0.7.0 and earlier allows attackers to connect to an attacker-specified host using attacker-specified username and password perform a connection test, disable SSL/TLS validation for the entire Jenkins controller JVM as part ...

7.3AI score0.00523EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/03/29 12:30 p.m.36 views

CVE-2022-28142

Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues...

7.2AI score0.00642EPSS
Exploits0References2
Rows per page
Query Builder