CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-0436

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00088EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 3:21 a.m.•12 views

CVE-2023-24457

A cross-site request forgery CSRF vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account...

6.5CVSS6.8AI score0.00088EPSS

Exploits0References1

OSV•added 2023/01/26 9:18 p.m.•0 views

CVE-2023-24457

A cross-site request forgery CSRF vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account...

6.5CVSS6.6AI score0.00088EPSS

Exploits0References1

NVD•added 2023/01/26 9:18 p.m.•21 views

CVE-2023-24457

A cross-site request forgery CSRF vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account...

6.5CVSS6.5AI score0.00088EPSS

Exploits0References1

Prion•added 2023/01/26 9:18 p.m.•17 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account...

4.3CVSS6.5AI score0.00088EPSS

Exploits0References1Affected Software1

CVE•added 2023/01/24 12:0 a.m.•80 views

CVE-2023-24457

CVE-2023-24457 describes a CSRF vulnerability in the Jenkins Keycloak Authentication Plugin (versions

6.5CVSS6.4AI score0.00088EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/01/24 12:0 a.m.•16 views

CVE-2023-24457

A cross-site request forgery CSRF vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account...

6.7AI score0.00088EPSS

Exploits0References1

CVE•added 2023/01/24 12:0 a.m.•84 views

CVE-2023-24456

CVE-2023-24456 affects Jenkins Keycloak Authentication Plugin 2.3.0 and earlier. The issue: login does not invalidate the previous session, enabling session fixation. Impact noted as high/critical (CVSS 3.1 base 9.8). Affected versions: 2.3.0 and earlier. Remediation guidance in connected docs: u...

9.8CVSS9.4AI score0.00395EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/01/24 12:0 a.m.•4 views

CVE-2023-24457

A cross-site request forgery CSRF vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account...

7.1AI score0.00088EPSS

Exploits0References1

Positive Technologies•added 2023/01/24 12:0 a.m.•2 views

PT-2023-19616 · Jenkins · Jenkins Keycloak Authentication Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Keycloak Authentication Plugin versions 2.3.0 and earlier Description: The issue arises because the plugin does not invalidate the previous session on login, which could lead to security concerns. Recommendations: For versions 2.3.0 a...

9.8CVSS9.3AI score0.00395EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by