155 matches found
EUVD-2022-2961
Malicious code in bioql PyPI...
EUVD-2022-5949
Malicious code in bioql PyPI...
EUVD-2022-5666
Malicious code in bioql PyPI...
EUVD-2022-4191
Malicious code in bioql PyPI...
EUVD-2022-2364
Malicious code in bioql PyPI...
EUVD-2022-1961
Malicious code in bioql PyPI...
EUVD-2022-3442
Malicious code in bioql PyPI...
EUVD-2022-5188
Malicious code in bioql PyPI...
EUVD-2022-5815
Malicious code in bioql PyPI...
EUVD-2022-5047
Malicious code in bioql PyPI...
EUVD-2022-5633
Malicious code in bioql PyPI...
EUVD-2022-1971
Malicious code in bioql PyPI...
EUVD-2022-4308
Malicious code in bioql PyPI...
CVE-2021-21628
Jenkins Build With Parameters Plugin 1.5 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2021-21616
Jenkins Active Choices Plugin 2.5.2 and earlier does not escape reference parameter values, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2021-21635
Jenkins REST List Parameter Plugin 1.3.0 and earlier does not escape a parameter name reference in embedded JavaScript, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2020-2316
Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2020-2289
Jenkins Active Choices Plugin 2.4 and earlier does not escape the name and description of build parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2020-2263
Jenkins Radiator View Plugin 1.29 and earlier does not escape the full name of the jobs in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2020-2108
Jenkins WebSphere Deployer Plugin 1.6.1 and earlier does not configure the XML parser to prevent XXE attacks which can be exploited by a user with Job/Configure permissions...