Lucene search
K

75 matches found

Vulnrichment
Vulnrichment
added 2023/01/24 12:0 a.m.6 views

CVE-2023-24442

Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file...

7.2AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2022/06/30 6:15 p.m.6 views

CVE-2022-34800

Jenkins Build Notifications Plugin 1.5.0 and earlier stores tokens unencrypted in its global configuration files on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

4.3CVSS5.8AI score0.00557EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/30 6:15 p.m.4 views

CVE-2022-34800

Jenkins Build Notifications Plugin 1.5.0 and earlier stores tokens unencrypted in its global configuration files on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

4.3CVSS5.9AI score0.00557EPSS
Exploits0References2
CVE
CVE
added 2022/06/30 5:48 p.m.258 views

CVE-2022-34800

The CVE-2022-34800 entry corresponds to Jenkins Build Notifications Plugin 1.5.0 and earlier, where tokens are stored unencrypted in the Jenkins controller’s global configuration files. Affected files include the plugin’s global configuration artifacts (e.g., PushoverNotifier.xml, SlackNotifier.x...

4.3CVSS4.8AI score0.00557EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/06/30 12:0 a.m.5 views

Jenkins Plugin Cisco Spark 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An information disclosure vulnerability...

4.3CVSS5.6AI score0.00557EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/06/30 12:0 a.m.3 views

PT-2022-22352 · Jenkins · Jenkins Build Notifications Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Build Notifications Plugin versions 1.5.0 and earlier Description: The issue allows users with access to the Jenkins controller file system to view tokens stored unencrypted in the plugin's global configuration files. Specifically,...

4.3CVSS4.3AI score0.00557EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/06/30 12:0 a.m.7 views

Jenkins Plugin Build Notifications 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An information disclosure vulnerability...

4.3CVSS5.6AI score0.00557EPSS
Exploits0References5
CVE
CVE
added 2022/03/15 4:46 p.m.143 views

CVE-2022-27218

CVE-2022-27218 affects Jenkins incapptic connect uploader Plugin 1.15 and earlier. The connected Red Hat/NVD/OSV/GHSA entries confirm that tokens are stored unencrypted in job config.xml files on the Jenkins controller and can be viewed by users with Extended Read permission or with access to the...

4.3CVSS4.8AI score0.00737EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/03/15 12:0 a.m.11 views

Jenkins incapptic connect uploader 插件安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. jenkins Plugin is an application. jenkins incapptic connect uploader Plug...

4.3CVSS5.7AI score0.00737EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/03/15 12:0 a.m.5 views

Jenkins Vmware vRealize CodeStream 插件安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins Vmware vRealize CodeStream Plugin...

6.5CVSS5.7AI score0.00934EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/10/16 12:0 a.m.5 views

PT-2019-11841 · Jenkins · Jenkins Sofy.Ai Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Sofy.AI Plugin affected versions not specified Description: The issue concerns the storage of sensitive information by the Jenkins Sofy.AI Plugin. Specifically, it stores credentials and an API token unencrypted in job config.xml file...

4.3CVSS4.3AI score0.00511EPSS
Exploits0References5
NVD
NVD
added 2019/08/19 3:15 p.m.28 views

CVE-2019-11276

Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.16, 2.4.x prior to 2.4.12, 2.5.x prior to 2.5.8, and 2.6.x prior to 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http. An adjacent...

5.4CVSS5.5AI score0.00336EPSS
Exploits0References1
OSV
OSV
added 2019/08/19 3:15 p.m.6 views

CVE-2019-11276

Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.16, 2.4.x prior to 2.4.12, 2.5.x prior to 2.5.8, and 2.6.x prior to 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http. An adjacent...

5.4CVSS6.1AI score0.00336EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.6 views

PT-2019-11693 · Jenkins · Jenkins Netsparker Cloud Scan Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins Netsparker Cloud Scan Plugin version 1.1.5 and older Jenkins Netsparker Enterprise Scan Plugin affected versions not specified Description: The issue concerns the storage of sensitive information in plain text within configuration fil...

8.8CVSS8.4AI score0.01832EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2012/04/06 4:58 p.m.12 views

Facebook Reassures Users, But Hole May Put Mobile Data at Risk

UPDATED: Facebook Security assured users on Thursday who access their Facebook account via Android or iOS devices that mobile sessions on the social networking site aren’t vulnerable to hacking. However, research published this week suggests otherwise. A blog entry posted by UK-based mobile...

Exploits0References5
Rows per page
Query Builder