Lucene search

10 matches found

Tenable Nessus
added 2025/10/07 12:0 a.m. · 1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987095)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987095 advisory. In the Linux kernel, the following vulnerability has been resolved: iavf: free q_vectors before queues in iavf_disable_vf. iavf_free_queues() clears adapter->num_active_queues,...

CVSS 5.5 · AI score 6 · EPSS 0.00018
Exploits 0 · References 4
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-9528

Malicious code in bioql PyPI...

CVSS 4.3 · AI score 6.4 · EPSS 0.00099
Exploits 0 · References 2
Github Security Blog
added 2025/04/02 3:31 p.m. · 11 views

Jenkins Simple Queue Plugin Cross-Site Request Forgery (CSRF)

Jenkins Simple Queue Plugin 1.4.6 and earlier does not require POST requests for multiple HTTP endpoints, resulting in cross-site request forgery (CSRF) vulnerabilities. These vulnerabilities allow attackers to change and reset the build queue order. Simple Queue Plugin 1.4.7 requires POST requests...

CVSS 4.3 · AI score 7.3 · EPSS 0.00099
Exploits 0 · References 4 · Affected Software 1
Snyk
added 2025/04/02 3:31 p.m. · 2 views

Cross-site Request Forgery (CSRF)

Overview: io.jenkins.plugins:simple-queue is a plugin that enables changing the queue order with simple up & down arrow buttons (UI Queue Sorter). Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) via the HTTP endpoints. An attacker can manipulate the build queue order ...

CVSS 5.3 · AI score 6.9 · EPSS 0.00099
Exploits 0 · References 2
OSV
added 2025/04/02 3:15 p.m. · 3 views

CVE-2025-31723

A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order...

CVSS 4.3 · AI score 5.7 · EPSS 0.00099
Exploits 0 · References 1
Vulnrichment
added 2025/04/02 2:59 p.m. · 7 views

CVE-2025-31723

A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order...

AI score 7 · EPSS 0.00099
Exploits 0 · References 1
CVE
added 2025/04/02 2:59 p.m. · 54 views

CVE-2025-31723

The CVE-2025-31723 issue affects Jenkins Simple Queue Plugin 1.4.6 and earlier. A Cross-Site Request Forgery (CSRF) vulnerability lets an attacker change and reset the build queue order via forged HTTP requests. Exploitation is described in SNYK as feasible only when CSRF protection is disabled i...

CVSS 4.3 · AI score 7 · EPSS 0.00099
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2025/04/02 12:0 a.m. · 2 views

Jenkins plugin Simple Queue cross-site request forgery vulnerability

Jenkins and Jenkins plugin are both Jenkins open source products. Jenkins is an application software: an open source automation server that provides hundreds of plugins to support building, deploying and automating any project. Jenkins plugin is an application software plugin. A cross-site reque...

CVSS 4.3 · AI score 6.4 · EPSS 0.00099
Exploits 0 · References 3
Positive Technologies
added 2025/04/02 12:0 a.m. · 3 views

PT-2025-14513 · Jenkins · Jenkins Simple Queue Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Simple Queue Plugin versions 1.4.6 and earlier. Description: A cross-site request forgery (CSRF) issue allows attackers to change and reset the build queue order. Recommendations: For Jenkins Simple Queue Plugin versions 1.4.6 and earlie...

CVSS 4.3 · AI score 6.8 · EPSS 0.00099
Exploits 0 · References 10
Code423n4
added 2022/11/10 12:0 a.m. · 9 views

Borrower can manipulate the repayment queue, avoid paying back the initial lender

Lines of code. Vulnerability details. Impact: In contract LineOfCredit, the repayment queue protects lenders and assures that they have to get paid back. Without a queue, a borrower could constantly refinance to lower rates and avoid paying back the initial lender from sponsors. Every time, borrower...

AI score 6.6
Exploits 0