CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

128 matches found

Vulnrichment•added 2026/05/27 2:13 p.m.•7 views

CVE-2026-48923

Jenkins AppSpider Plugin 1.0.17 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to connect to an attacker-specified URL...

5.8AI score0.00021EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:32 a.m.•5 views

CVE-2019-16567

A missing permission check in Jenkins Team Concert Plugin 1.3.0 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS6.4AI score0.00031EPSS

Exploits0References1

CVE•added 2025/10/29 1:29 p.m.•5 views

CVE-2025-64139

CVE-2025-64139 affects Jenkins Start Windocks Containers Plugin versions 1.4 and earlier. A missing permission check on an HTTP endpoint allows an attacker with Overall/Read permission to connect to an attacker-specified URL. Related advisories corroborate that this wormable-like behavior is via ...

4.3CVSS6.3AI score0.00025EPSS

Exploits0References2Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-4612

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00031EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-1899

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00221EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-3550

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00201EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-2145

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00069EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-2486

Malicious code in bioql PyPI...

6.4CVSS6.8AI score0.00039EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-2086

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00048EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-5202

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00031EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-5121

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00473EPSS

Exploits0References9

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-5477

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00214EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-2208

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00214EPSS

Exploits1References6

RedhatCVE•added 2025/05/22 10:19 p.m.•6 views

CVE-2022-20620

Missing permission checks in Jenkins SSH Agent Plugin 1.23 and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS6.4AI score0.0003EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:11 p.m.•7 views

CVE-2021-21651

Jenkins S3 publisher Plugin 0.11.6 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain the list of configured profiles...

4.3CVSS6.5AI score0.00065EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:58 a.m.•4 views

CVE-2019-10439

A missing permission check in Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier in various 'doFillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS6.4AI score0.00031EPSS

Exploits0References1

Positive Technologies•added 2024/08/07 12:0 a.m.•7 views

PT-2024-30269 · Jenkins +1 · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.470 and earlier Jenkins LTS versions 2.452.3 and earlier Description: The issue arises from a lack of permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views"...

8.8CVSS7.9AI score0.65896EPSS

Exploits4References15

OSV•added 2022/09/21 4:15 p.m.•2 views

CVE-2022-41246

A missing permission check in Jenkins Worksoft Execution Manager Plugin 10.0.3.503 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS5.8AI score

Exploits0References1

ATTACKERKB•added 2022/06/30 6:15 p.m.•2 views

CVE-2022-34811

A missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to access the XPath Configuration Viewer page...

4.3CVSS5.9AI score0.00335EPSS

Exploits0References2

ATTACKERKB•added 2022/06/30 6:15 p.m.•2 views

CVE-2022-34818

Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs...

4.3CVSS5.9AI score0.00363EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by