Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/06/16 12:57 p.m.6 views

CVE-2026-53438

A flaw was found in Jenkins. A missing permission check allows an attacker, who has 'Item/Cancel' permission but lacks 'Item/Read' permission, to cancel queue items they are not authorized to view. This could lead to unauthorized disruption of queued tasks within Jenkins...

6.5CVSS5.2AI score0.00213EPSS
Exploits0References4
NVD
NVD
added 2026/06/10 2:16 p.m.9 views

CVE-2026-53438

A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking Item/Read permission, to cancel queue items they do not have permission to view...

4.3CVSS0.00213EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 1:5 p.m.38 views

CVE-2026-53438

A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking Item/Read permission, to cancel queue items they do not have permission to view...

0.00213EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.11 views

PT-2026-48423

Name of the Vulnerable Software and Affected Versions Jenkins versions prior to 2.568 Jenkins LTS versions prior to 2.555.3 Description A missing permission check allows attackers who possess the Item/Cancel permission, but lack the Item/Read permission, to cancel queue items that they are not...

4.3CVSS5.2AI score0.00213EPSS
Exploits0References5
OSV
OSV
added 2026/06/08 4:16 p.m.6 views

UBUNTU-CVE-2026-46275

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free UAF and Null Pointer Dereference NPD conditions were observed in the lifecycle management of hciuart. The primary...

7.8CVSS5.4AI score0.00204EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2026/05/08 9:25 p.m.13 views

CVE-2026-43382

A flaw was found in the batman-adv module of the Linux kernel. This vulnerability occurs when the batadvvelpgetthroughput function attempts to acquire a network lock RTNL lock that is already held, particularly during the cancellation of a work queue item. This can lead to a deadlock, causing a...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.10 views

RHCOS 4 : OpenShift Container Platform 4.8.15 (RHSA-2021:3820)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3820 advisory. - jenkins: improper permission checks allow canceling queue items and aborting builds CVE-2021-21670 - jenkins: session fixation...

7.5CVSS7.2AI score0.07032EPSS
Exploits4References16
NVD
NVD
added 2026/04/22 2:16 p.m.4 views

CVE-2026-31473

In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex MEDIAREQUESTIOCREINIT can run concurrently with VIDIOCREQBUFS0 queue teardown paths. This can race request object cleanup against vb2 queue cancellation and lead to...

7.8CVSS0.00126EPSS
Exploits0References8
OSV
OSV
added 2025/12/05 9:7 a.m.7 views

RLSA-2025:22395 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ublk: make sure ubq-canceling is set when queue is frozen CVE-2025-22068 kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: mm/memory-failure:...

7.6CVSS6.5AI score0.00193EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between the HCIMGMT flag setting and the initialization of a work queue, which could lead t...

7CVSS6.2AI score0.00098EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/02 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the intel-ish-hid driver not properly canceling a work queue, which could lead to reuse after release...

7.8CVSS6.4AI score0.00163EPSS
Exploits0References4
NVD
NVD
added 2025/04/16 3:16 p.m.10 views

CVE-2025-22068

In the Linux kernel, the following vulnerability has been resolved: ublk: make sure ubq-canceling is set when queue is frozen Now ublk driver depends on ubq-canceling for deciding if the request can be dispatched via uringcmd & iouringcmdcompleteintask. Once ubq-canceling is set, the uringcmd can...

7.8CVSS0.0017EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/06/30 12:0 a.m.5 views

PT-2021-14713 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.299 and earlier Jenkins LTS versions 2.289.1 and earlier Description: The issue allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read...

4.3CVSS4.6AI score0.01982EPSS
Exploits0References10
CNVD
CNVD
added 2018/07/30 12:0 a.m.3 views

CloudBees Jenkins Unauthorized Operation Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . An...

4.3CVSS5.2AI score0.00759EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/07/23 7:0 p.m.32 views

CVE-2018-1999003

A Improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in Queue.java that allows attackers with Overall/Read permission to cancel queued builds...

6AI score0.00759EPSS
Exploits0References2
Rows per page
Query Builder