Lucene search
K

77 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:19 a.m.8 views

CVE-2024-2215

A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...

6.1CVSS6.8AI score0.00408EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-5891

Malicious code in bioql PyPI...

7.5CVSS6.7AI score0.01478EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-7095

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00493EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-3197

Malicious code in bioql PyPI...

5.3CVSS5.8AI score0.00958EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4980

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00678EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-5743

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00678EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 4:29 p.m.11 views

CVE-2020-2116

A cross-site request forgery vulnerability in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS6.5AI score0.00678EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:26 p.m.10 views

CVE-2020-2118

A missing permission check in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS6.4AI score0.00678EPSS
Exploits0
Cvelist
Cvelist
added 2024/11/19 4:32 p.m.21 views

CVE-2024-50535 WordPress Step by Step plugin <= 0.4.5 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kyle M Brown Step by Step step-by-step allows Stored XSS.This issue affects Step by Step: from n/a through = 0.4.5...

6.5CVSS0.00352EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.8 views

WordPress plugin Step by Step 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6AI score0.00352EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/30 3:22 p.m.6 views

WordPress Step by Step plugin <= 0.4.5 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Step by Step versions = 0.4.5...

6.5CVSS5.8AI score0.00352EPSS
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2024/03/06 6:30 p.m.29 views

Jenkins docker-build-step Plugin missing permission check

A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting futu...

8.8CVSS6.7AI score0.00826EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2024/03/06 5:15 p.m.46 views

CVE-2024-2215

A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...

6.1CVSS5.7AI score0.00408EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 5:15 p.m.7 views

CVE-2024-2215

A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...

6.1CVSS6.7AI score
Exploits0References2
Prion
Prion
added 2024/03/06 5:15 p.m.34 views

Design/Logic Flaw

A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting futu...

6.9AI score0.00826EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/06 5:1 p.m.16 views

CVE-2024-2215

A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...

7.1AI score0.00408EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/06 5:1 p.m.15 views

CVE-2024-2216

A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting futu...

6.6AI score0.00826EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/06 5:1 p.m.45 views

CVE-2024-2215

A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...

6.7AI score0.00408EPSS
Exploits0References2
CVE
CVE
added 2024/03/06 5:1 p.m.96 views

CVE-2024-2215

CVE-2024-2215 : CSRF vulnerability in Jenkins docker-build-step Plugin (version ≤ 2.11) allows an attacker to connect to an attacker-specified TCP/Unix socket URL and reconfigure the plugin using provided connection test parameters, impacting subsequent build step executions. The description from...

6.1CVSS6.6AI score0.00408EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/03/06 5:1 p.m.100 views

CVE-2024-2216

CVE-2024-2216 affects the Jenkins docker-build-step Plugin (versions 2.11 and earlier). The issue is a missing permission check on an HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL and to reconfigure the plugin using the p...

8.8CVSS6.4AI score0.00826EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder