24 matches found

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2019-0704

Malware in sbrugna...

7.8 CVSS · 7.5 AI score · 0.00111 EPSS
Exploits 1 · References 6
EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2022-3046

Malicious code in bioql PyPI...

5.4 CVSS · 5.7 AI score · 0.00103 EPSS
Exploits 0 · References 4
OSSF Malicious Packages
added 2024/06/25 1:50 p.m. · 5 views

Malicious code in dradis_brakeman (RubyGems)

7 AI score
Exploits 0 · References 1
OSSF Malicious Packages
added 2024/06/25 1:49 p.m. · 4 views

Malicious code in brakeman-translate_checkstyle_format (RubyGems)

7 AI score
Exploits 0 · References 1
OSV
added 2024/06/25 1:49 p.m. · 4 views

MAL-2024-6792 Malicious code in brakeman-translate_checkstyle_format (RubyGems)

7.1 AI score
Exploits 0 · References 1
Github Security Blog
added 2022/05/24 5:8 p.m. · 19 views

Stored XSS vulnerability in Jenkins brakeman Plugin

brakeman Plugin 0.12 and earlier did not escape values received from parsed JSON files when rendering them, resulting in a stored cross-site scripting vulnerability. This vulnerability can be exploited by users able to control the Brakeman post-build step input data. brakeman Plugin 0.13 escap...

5.4 CVSS · 5.1 AI score · 0.00103 EPSS
Exploits 0 · References 4 · Affected Software 1
OSV
added 2022/05/24 5:8 p.m. · 19 views

GHSA-7Q9R-VHG2-789W Stored XSS vulnerability in Jenkins brakeman Plugin

brakeman Plugin 0.12 and earlier did not escape values received from parsed JSON files when rendering them, resulting in a stored cross-site scripting vulnerability. This vulnerability can be exploited by users able to control the Brakeman post-build step input data. brakeman Plugin 0.13 escap...

5.4 CVSS · 5.2 AI score · 0.00103 EPSS
Exploits 0 · References 4
Kitploit
added 2021/07/05 9:30 p.m. · 54 views

Salus - Security Scanner Coordinator

Salus (Security Automation as a Lightweight Universal Scanner), named after the Roman goddess of protection, is a tool for coordinating the execution of security scanners. You can run Salus on a repository via the Docker daemon and it will determine which scanners are relevant, run them and provide...

7.6 AI score
Exploits 0 · References 21
Snyk
added 2020/04/17 12:0 a.m. · 1 views

Malicious Package

Overview brakeman-translate_checkstyle_format is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoi...

8 CVSS · 6.9 AI score
Exploits 0 · References 2
CNVD
added 2020/02/17 12:0 a.m. · 1 views

CloudBees Jenkins Brakeman plugin cross-site scripting vulnerability

CloudBees Jenkins is a web application that can use a large number of servers as build slaves to handle larger build/test loads. A cross-site scripting vulnerability exists in the Brakeman plugin in CloudBees Jenkins, version 0.12 and earlier. The vulnerability stems from a lack of proper...

5.4 CVSS · 6.4 AI score · 0.00103 EPSS
Exploits 0 · References 1
NVD
added 2020/02/12 3:15 p.m. · 8 views

CVE-2020-2122

Jenkins Brakeman Plugin 0.12 and earlier did not escape values received from parsed JSON files when rendering them, resulting in a stored cross-site scripting vulnerability exploitable by users able to control the Brakeman post-build step input data...

5.4 CVSS · 5.3 AI score · 0.00103 EPSS
Exploits 0 · References 2
OSV
added 2020/02/12 3:15 p.m. · 11 views

CVE-2020-2122

Jenkins Brakeman Plugin 0.12 and earlier did not escape values received from parsed JSON files when rendering them, resulting in a stored cross-site scripting vulnerability exploitable by users able to control the Brakeman post-build step input data...

5.4 CVSS · 5.9 AI score
Exploits 0 · References 2
Prion
added 2020/02/12 3:15 p.m. · 12 views

Cross site scripting

Jenkins Brakeman Plugin 0.12 and earlier did not escape values received from parsed JSON files when rendering them, resulting in a stored cross-site scripting vulnerability exploitable by users able to control the Brakeman post-build step input data...

3.5 CVSS · 5.2 AI score · 0.00103 EPSS
Exploits 0 · References 2 · Affected Software 1
CVE
added 2020/02/12 2:35 p.m. · 46 views

CVE-2020-2122

CVE-2020-2122 affects Jenkins Brakeman Plugin 0.12 and earlier. The stored XSS arises because values from parsed JSON are not escaped when rendering, allowing an attacker who can control the Brakeman post-build step input data to execute code in the browser. The advisory notes that upgrading to v...

5.4 CVSS · 5.2 AI score · 0.00103 EPSS
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2020/02/12 2:35 p.m. · 10 views

CVE-2020-2122

Jenkins Brakeman Plugin 0.12 and earlier did not escape values received from parsed JSON files when rendering them, resulting in a stored cross-site scripting vulnerability exploitable by users able to control the Brakeman post-build step input data...

5.2 AI score · 0.00103 EPSS
Exploits 0 · References 2
Positive Technologies
added 2020/02/12 12:0 a.m. · 1 views

PT-2020-15329 · Jenkins · Jenkins Brakeman Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Brakeman Plugin versions 0.12 and earlier Description: The issue is related to a stored cross-site scripting vulnerability. It occurs because the plugin does not escape values received from parsed JSON files when rendering them. This...

5.4 CVSS · 5.1 AI score · 0.00103 EPSS
Exploits 0 · References 7
OSV
added 2019/10/25 7:41 p.m. · 20 views

GHSA-HHWC-8G49-J8JX Ruby_parser-legacy Incorrect Permission Assignment for Critical Resource

The ruby_parser-legacy aka legacy gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem which has a legacy dependency 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the...

7.8 CVSS · 7.7 AI score · 0.00111 EPSS
Exploits 1 · References 5
Github Security Blog
added 2019/10/25 7:41 p.m. · 30 views

Ruby_parser-legacy Incorrect Permission Assignment for Critical Resource

The ruby_parser-legacy aka legacy gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem which has a legacy dependency 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the...

7.8 CVSS · 7.5 AI score · 0.00111 EPSS
Exploits 1 · References 5 · Affected Software 1
NVD
added 2019/10/24 2:15 p.m. · 10 views

CVE-2019-18409

The ruby_parser-legacy aka legacy gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem which has a legacy dependency 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the...

7.8 CVSS · 7.8 AI score · 0.00111 EPSS
Exploits 1 · References 1
Prion
added 2019/10/24 2:15 p.m. · 15 views

Design/Logic Flaw

The ruby_parser-legacy aka legacy gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem which has a legacy dependency 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the...

4.6 CVSS · 7.7 AI score · 0.00111 EPSS
Exploits 1 · References 1 · Affected Software 1