Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

102 matches found

Cvelist
Cvelistadded 2019/09/25 3:5 p.m.12 views

CVE-2019-10412

Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...

7.6AI score0.00888EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2019/09/25 12:0 a.m.3 views

PT-2019-11806 · Jenkins · Jenkins Inedo Proget Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Inedo ProGet Plugin versions 1.2 and earlier Description: The issue concerns the transmission of configured credentials in plain text as part of the global Jenkins configuration form, potentially leading to their exposure. Specificall...

7.5CVSS7.2AI score0.00888EPSS
Exploits0References5
OpenVAS
OpenVASadded 2018/10/01 12:0 a.m.10 views

Inedo ProGet Detection

Detection of Inedo ProGet. The script sends a connection request to the server and attempts to detect Inedo ProGet and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

7AI score
Exploits0References1
OpenVAS
OpenVASadded 2018/10/01 12:0 a.m.20 views

Inedo ProGet < 5.0.4 CSRF Vulnerability

Inedo ProGet is prone to a CSRF vulnerability allowing an attacker to change advanced settings. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.5CVSS6.5AI score0.00411EPSS
Exploits0References1
CNVD
CNVDadded 2018/09/28 12:0 a.m.1 views

Inedo ProGet Cross-Site Scripting Vulnerability

Inedo ProGet is a general-purpose package manager from Inedo USA with package management, filtering and upgrading features. A cross-site scripting vulnerability exists in Inedo ProGet versions prior to 5.0 Beta5. A remote attacker can exploit the vulnerability to change advanced settings...

6.5CVSS6.3AI score0.00411EPSS
Exploits0References1
OSV
OSVadded 2018/09/26 9:29 p.m.0 views

CVE-2017-15608

Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change advanced settings...

6.5CVSS5.8AI score
Exploits0References2
Prion
Prionadded 2018/09/26 9:29 p.m.12 views

Cross site request forgery (csrf)

Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change advanced settings...

4.3CVSS6.5AI score0.00411EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2018/09/26 9:29 p.m.18 views

CVE-2017-15608

Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change advanced settings...

6.5CVSS6.5AI score0.00411EPSS
Exploits0References2
CVE
CVEadded 2018/09/26 9:0 p.m.45 views

CVE-2017-15608

Inedo ProGet is affected by a CSRF vulnerability in versions before 5.0 Beta5, enabling an attacker to change advanced settings. The issue is documented across multiple sources (NVD/NVD3/OpenVAS) with CVSS metrics: CVSSv3 base score 6.5 (I:H) and CVSSv2 base score 4.3 (I:P). Root cause is a cross...

6.5CVSS6.4AI score0.00411EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2018/09/26 9:0 p.m.12 views

CVE-2017-15608

Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change advanced settings...

6.4AI score0.00411EPSS
Exploits0References2
CNVD
CNVDadded 2018/08/08 12:0 a.m.3 views

CloudBees Jenkins Inedo ProGet Plugin SSL / TLS Certificate Validation Vulnerability

CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Inedo ProGet Plugin is used in one o...

7.4CVSS7.5AI score0.00793EPSS
Exploits0References1
OSV
OSVadded 2018/08/01 1:29 p.m.1 views

CVE-2018-1999034

A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to...

7.4CVSS5.8AI score0.00793EPSS
Exploits0References1
NVD
NVDadded 2018/08/01 1:29 p.m.14 views

CVE-2018-1999034

A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to...

7.4CVSS7.3AI score0.00793EPSS
Exploits0References1
Prion
Prionadded 2018/08/01 1:29 p.m.14 views

Design/Logic Flaw

A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to...

5.8CVSS7.3AI score0.00793EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2018/08/01 1:0 p.m.46 views

CVE-2018-1999034

CVE-2018-1999034 describes a man-in-the-middle vulnerability in Jenkins Inedo ProGet Plugin versions 0.8 and earlier, affecting ProGetApi.java, ProGetConfig.java, and ProGetConfiguration.java. The issue enables an attacker to impersonate any service that Jenkins connects to, due to insecure handl...

7.4CVSS7.3AI score0.00793EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2018/08/01 1:0 p.m.16 views

CVE-2018-1999034

A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to...

7.3AI score0.00793EPSS
Exploits0References1
CNVD
CNVDadded 2017/10/11 12:0 a.m.3 views

Inedo ProGet Design Vulnerability

Inedo ProGet is a general-purpose package manager from Inedo Japan with package management, filtering and upgrading features. A security vulnerability exists in Inedo ProGet versions prior to 4.7.14, which stems from the program's failure to properly handle malicious packet IDs.No information is...

7.5CVSS7.5AI score0.00863EPSS
Exploits0References1
OSV
OSVadded 2017/09/30 1:29 a.m.3 views

CVE-2017-14944

Inedo ProGet before 4.7.14 does not properly address dangerous package IDs during package addition, aka PG-1060...

7.5CVSS5.8AI score0.00863EPSS
Exploits0References1
NVD
NVDadded 2017/09/30 1:29 a.m.15 views

CVE-2017-14944

Inedo ProGet before 4.7.14 does not properly address dangerous package IDs during package addition, aka PG-1060...

7.5CVSS7.6AI score0.00863EPSS
Exploits0References1
Prion
Prionadded 2017/09/30 1:29 a.m.17 views

Code injection

Inedo ProGet before 4.7.14 does not properly address dangerous package IDs during package addition, aka PG-1060...

5CVSS7.6AI score0.00863EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder