CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

OSV•added 2025/10/29 2:15 p.m.•3 views

CVE-2025-64136

A cross-site request forgery CSRF vulnerability in Jenkins Themis Plugin 1.4.1 and earlier allows attackers to connect to an attacker-specified HTTP server...

4.3CVSS5.7AI score0.00183EPSS

Exploits0References2

Vulnrichment•added 2025/10/29 1:29 p.m.•1 views

CVE-2025-64136

A cross-site request forgery CSRF vulnerability in Jenkins Themis Plugin 1.4.1 and earlier allows attackers to connect to an attacker-specified HTTP server...

6.4AI score0.00183EPSS

Exploits0References1

CVE•added 2025/10/29 1:29 p.m.•18 views

CVE-2025-64136

The vulnerability CVE-2025-64136 affects Jenkins Themis Plugin versions 1.4.1 and earlier. Root cause: a cross-site request forgery (CSRF) flaw due to lack of permission checks in an HTTP endpoint, allowing an attacker with Overall/Read permission to trigger requests to an attacker-specified URL/...

4.3CVSS6.4AI score0.00183EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2025/10/29 12:0 a.m.•2 views

PT-2025-44286

Name of the Vulnerable Software and Affected Versions Jenkins Themis Plugin versions 1.4.1 and earlier Description A flaw exists in the Jenkins Themis Plugin where a missing permission check allows attackers possessing Overall/Read permission to establish a connection to a HTTP server specified b...

4.3CVSS6.3AI score0.00239EPSS

Exploits0References6

Positive Technologies•added 2025/10/29 12:0 a.m.•5 views

PT-2025-44285

Name of the Vulnerable Software and Affected Versions Jenkins Themis Plugin versions 1.4.1 and earlier Description A cross-site request forgery CSRF issue exists in Jenkins Themis Plugin. This allows attackers to potentially connect to an HTTP server specified by the attacker. A CSRF attack...

4.3CVSS6.5AI score0.00183EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by