Lucene search

14 matches found

CVE
added 2026/04/21 4:26 p.m. · 5 views

CVE-2026-40161

Summary: Tekton Pipelines before 1.10.0, specifically the git resolver in API mode, can exfiltrate system-configured Git tokens when the token parameter is omitted. Affected software: Tekton Pipelines git resolver (API mode), versions 1.0.0–1.10.0. Vulnerability details: In API mode, the resolver...

CVSS 7.7 · AI score 5.8 · EPSS 0.00037
Exploits: 0 · References: 3 · Affected Software: 1
Microsoft CVE
added 2025/10/02 6:11 a.m. · 2 views

Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.

...

CVSS 5.4 · AI score 7 · EPSS 0.43618
Exploits: 0
Vulnrichment
added 2023/03/24 7:46 p.m. · 8 views

CVE-2023-28446 Deno is vulnerable to interactive `run` permission prompt spoofing via improper ANSI neutralization

Deno is a simple, modern and secure runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Arbitrary program names without any ANSI filtering allows any malicious program to clear the first 2 lines of a `op_spawn_child` or `op_kill` prompt and replace it with any desired text. This wor...

CVSS 8.8 · AI score 8.7 · EPSS 0.00469
Exploits: 1 · References: 3
SUSE CVE
added 2023/02/15 4:4 a.m. · 3 views

SUSE CVE-2020-2243

Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission...

CVSS 5.4 · AI score 5 · EPSS 0.00233
Exploits: 0 · References: 3
ATTACKERKB
added 2022/06/23 5:15 p.m. · 3 views

CVE-2022-34176

Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission...

CVSS 5.4 · AI score 6 · EPSS 0.43618
Exploits: 0 · References: 2
RedHat Linux
added 2022/05/04 6:22 p.m. · 2 views

workflow-cps: Password parameters are included from the original build in replayed builds

A flaw was found in Jenkins. The Pipeline: Groovy Plugin includes password parameters from the original build in replayed builds. This flaw allows attackers with run/replay permission to obtain the values of password parameters passed to previous builds of a Pipeline...

CVSS 4.3 · AI score 5.7 · EPSS 0.0004
Exploits: 0 · References: 4
RedHat Linux
added 2022/04/27 7:44 a.m. · 3 views

workflow-cps: Password parameters are included from the original build in replayed builds

A flaw was found in Jenkins. The Pipeline: Groovy Plugin includes password parameters from the original build in replayed builds. This flaw allows attackers with run/replay permission to obtain the values of password parameters passed to previous builds of a Pipeline...

CVSS 4.3 · AI score 5.7 · EPSS 0.0004
Exploits: 0 · References: 4
RedHat Linux
added 2022/04/13 1:49 p.m. · 2 views

workflow-cps: Password parameters are included from the original build in replayed builds

A flaw was found in Jenkins. The Pipeline: Groovy Plugin includes password parameters from the original build in replayed builds. This flaw allows attackers with run/replay permission to obtain the values of password parameters passed to previous builds of a Pipeline...

CVSS 4.3 · AI score 5.7 · EPSS 0.0004
Exploits: 0 · References: 4
RedHat Linux
added 2022/03/29 7:5 a.m. · 3 views

workflow-cps: Password parameters are included from the original build in replayed builds

A flaw was found in Jenkins. The Pipeline: Groovy Plugin includes password parameters from the original build in replayed builds. This flaw allows attackers with run/replay permission to obtain the values of password parameters passed to previous builds of a Pipeline...

CVSS 4.3 · AI score 5.7 · EPSS 0.0004
Exploits: 0 · References: 4
RedHat Linux
added 2022/03/28 11:56 a.m. · 2 views

workflow-cps: Password parameters are included from the original build in replayed builds

A flaw was found in Jenkins. The Pipeline: Groovy Plugin includes password parameters from the original build in replayed builds. This flaw allows attackers with run/replay permission to obtain the values of password parameters passed to previous builds of a Pipeline...

CVSS 4.3 · AI score 5.7 · EPSS 0.0004
Exploits: 0 · References: 4
OSV
added 2022/02/15 5:15 p.m. · 2 views

CVE-2022-25180

Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds, allowing attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline...

CVSS 4.3 · AI score 5.4
Exploits: 0 · References: 1
ATTACKERKB
added 2022/02/15 5:15 p.m. · 4 views

CVE-2022-25180

Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds, allowing attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline...

CVSS 4.3 · AI score 5.8 · EPSS 0.0004
Exploits: 0 · References: 2
Positive Technologies
added 2020/09/01 12:0 a.m. · 2 views

PT-2020-15464 · Jenkins · Jenkins Cadence Vmanager Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Cadence vManager Plugin versions 3.0.4 and earlier. Description: The issue is related to a stored cross-site scripting (XSS) vulnerability. This occurs because build descriptions in tooltips are not properly escaped, allowing attackers...

CVSS 8 · AI score 5 · EPSS 0.00233
Exploits: 0 · References: 6
CVE
added 2017/10/04 1:0 a.m. · 64 views

CVE-2017-1000105

CVE-2017-1000105 affects Jenkins Blue Ocean: an optional Run/Artifacts permission can be enabled via a Java system property, and Blue Ocean did not verify this permission before granting access to archived artifacts, with Item/Read permission being sufficient. Several connected advisories note th...

CVSS 5.3 · AI score 5.1 · EPSS 0.00038
Exploits: 0 · References: 1 · Affected Software: 1