Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

31 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-6856

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00079EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2023-1376

Malicious code in bioql PyPI...

8.2CVSS8AI score0.01056EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/05/23 1:14 a.m.7 views

CVE-2022-41229

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.134 and earlier does not escape configuration options of the Execute NetStorm/NetCloud Test build step, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.4AI score0.09489EPSS
Exploits0References1
OSV
OSVadded 2023/05/16 6:30 p.m.15 views

GHSA-GQXR-HVRW-6HFH Jenkins NS-ND Integration Performance Publisher Plugin displays credentials without masking

Jenkins NS-ND Integration Performance Publisher Plugin stores credentials in job config.xml files on the Jenkins controller as part of its configuration. While these credentials are stored encrypted on disk, in NS-ND Integration Performance Publisher Plugin 4.8.0.149 and earlier, the job...

3.1CVSS7.6AI score0.00471EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2023/05/16 6:30 p.m.16 views

Jenkins NS-ND Integration Performance Publisher Plugin displays credentials without masking

Jenkins NS-ND Integration Performance Publisher Plugin stores credentials in job config.xml files on the Jenkins controller as part of its configuration. While these credentials are stored encrypted on disk, in NS-ND Integration Performance Publisher Plugin 4.8.0.149 and earlier, the job...

7.5CVSS6.6AI score0.00471EPSS
Exploits0References3Affected Software1
CNNVD
CNNVDadded 2023/05/16 12:0 a.m.3 views

Jenkins NS-ND Integration Performance Publisher Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

7.5CVSS7.3AI score0.00471EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2023/04/02 9:30 p.m.25 views

Jenkins Performance Publisher Plugin vulnerable to XML external entity (XXE) attacks

Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control PerfPublisher report files to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets...

8.2CVSS7.9AI score0.01056EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2023/04/02 9:15 p.m.2 views

CVE-2023-28682

Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.2CVSS7.3AI score0.01056EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/03/23 11:26 a.m.7 views

CVE-2023-28682

Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.2AI score0.01056EPSS
Exploits0References1
CVE
CVEadded 2022/11/15 12:0 a.m.264 views

CVE-2022-38666

CVE-2022-38666 affects Jenkins NS-ND Integration Performance Publisher Plugin, where versions 4.8.0.146 and earlier unconditionally disable SSL/TLS certificate and hostname validation for several features. Root cause: unconditional disabling of TLS validation within the plugin. Documented impact:...

7.5CVSS7.6AI score0.0006EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2022/11/15 12:0 a.m.265 views

CVE-2022-45392

CVE-2022-45392 concerns the Jenkins NS-ND Integration Performance Publisher Plugin (v4.8.0.143 and earlier). The vulnerability stores passwords in plaintext in job config.xml files on the Jenkins controller, allowing exposure to anyone with Extended Read permission or access to the controller fil...

6.5CVSS6.5AI score0.00354EPSS
Exploits0References2Affected Software1
CNNVD
CNNVDadded 2022/11/15 12:0 a.m.2 views

Jenkins NS-ND Integration Performance Publisher Plugin 信任管理问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A trust management issue...

7.5CVSS7.3AI score0.0006EPSS
Exploits0References7
CVE
CVEadded 2022/11/15 12:0 a.m.267 views

CVE-2022-45391

Affected product: Jenkins NS-ND Integration Performance Publisher Plugin (version 4.8.0.143 and earlier). Issue: plugin globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM, undermining TLS trust and enabling potential interceptio...

7.5CVSS7.6AI score0.00071EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blogadded 2022/09/22 12:0 a.m.30 views

Jenkins NS-ND Integration Performance Publisher Plugin vulnerable to Cross-Site Request Forgery

A cross-site request forgery CSRF vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials. Version 4.8.0.130 requires POST requests and Overall/Administer...

8.8CVSS8.2AI score0.00079EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blogadded 2022/09/22 12:0 a.m.25 views

Jenkins NS-ND Integration Performance Publisher Plugin vulnerable to Cross-site Scripting

Jenkins NS-ND Integration Performance Publisher Plugin prior to version 4.8.0.147 does not escape configuration options of the Execute NetStorm/NetCloud Test build step, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.3AI score0.09489EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blogadded 2022/09/22 12:0 a.m.28 views

Jenkins NS-ND Integration Performance Publisher Plugin vulnerable to Missing Authorization

A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers with Overall/Read permissions to connect to an attacker-specified webserver using attacker-specified credentials. Version 4.8.0.130 requires POST requests and...

8.8CVSS8.2AI score0.00288EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2022/09/22 12:0 a.m.26 views

GHSA-JJCH-7G85-4M72 Jenkins NS-ND Integration Performance Publisher Plugin vulnerable to Cross-Site Request Forgery

A cross-site request forgery CSRF vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials. Version 4.8.0.130 requires POST requests and Overall/Administer...

4.3CVSS8.6AI score0.00079EPSS
Exploits0References3
OSV
OSVadded 2022/09/21 4:15 p.m.2 views

CVE-2022-41227

A cross-site request forgery CSRF vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials...

8.8CVSS5.7AI score
Exploits0References1
NVD
NVDadded 2022/09/21 4:15 p.m.15 views

CVE-2022-41228

A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers with Overall/Read permissions to connect to an attacker-specified webserver using attacker-specified credentials...

8.8CVSS0.00288EPSS
Exploits0References1
Prion
Prionadded 2022/09/21 4:15 p.m.13 views

Cross site scripting

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.134 and earlier does not escape configuration options of the Execute NetStorm/NetCloud Test build step, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

4.9CVSS5.3AI score0.09489EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder