14 matches found

hivepro
added 2026/05/29 10:20 a.m. | 17 views

Kubernetes Security Scanning: A DevSecOps Guide

A clean container image is not proof of a secure Kubernetes workload. New CVEs, unsafe configurations, and excessive permissions can turn an approved deployment into an active exposure. Contact Hive Pro to review your Kubernetes container security priorities. Kubernetes security scanning is the...

AI score 5.8
Exploits 0

Snyk
added 2026/01/29 10:52 p.m. | 2 views

Arbitrary Command Injection

Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the buildCmd function. An attacker can execute arbitrary commands by supplying crafted values in the buildOptions structure, which are embedded unsafely in Makefile commands. Note: This is only exploitabl...

CVSS 7.8 | AI score 5.9 | EPSS 0.01281
Exploits 1 | References 2

HackRead
added 2025/12/05 1:25 p.m. | 6 views

PromptPwnd Vulnerability Exposes AI driven build systems to Data Theft

Aikido Security exposes a new AI prompt injection flaw in GitHub/GitLab pipelines, letting attackers steal secrets. Major companies affected...

AI score 7.3
Exploits 0

CVE
added 2024/11/19 3:32 p.m. | 48 views

CVE-2024-52582

Cachi2 (open source CLI) is affected up to version 0.13.x; when an unhandled exception occurs, the tool logs function locals, potentially exposing secrets in CI/build logs. Version 0.14.0 includes a patch to fix this. No other exploit details are provided in the documents. Remediation: upgrade to...

CVSS 4.7 | AI score 4.7 | EPSS 0.00179
Exploits 0 | References 3

Vulnrichment
added 2024/11/19 3:32 p.m. | 12 views

CVE-2024-52582 cachi2 allows traceback prints locals

Cachi2 is a command-line interface tool that pre-fetches a project's dependencies to aid in making the project's build process network-isolated. Prior to version 0.14.0, secrets may be shown in logs when an unhandled exception is triggered because the tool is logging locals of each function. This...

CVSS 4.7 | AI score 6.8 | EPSS 0.00179
Exploits 0 | References 3

OSV
added 2024/11/19 3:32 p.m. | 5 views

CVE-2024-52582 cachi2 allows traceback prints locals

Cachi2 is a command-line interface tool that pre-fetches a project's dependencies to aid in making the project's build process network-isolated. Prior to version 0.14.0, secrets may be shown in logs when an unhandled exception is triggered because the tool is logging locals of each function. This...

CVSS 4.7 | AI score 6.8 | EPSS 0.00179
Exploits 0 | References 5

The Hacker News
added 2023/09/26 5:0 a.m. | 63 views

Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers

A critical security vulnerability in the JetBrains TeamCity continuous integration and continuous deployment CI/CD software could be exploited by unauthenticated attackers to achieve remote code execution on affected systems. The flaw, tracked as CVE-2023-42793, carries a CVSS score of 9.8 and ha...

CVSS 9.8 | AI score 10 | EPSS 0.99979
Exploits 21

CISA
added 2021/10/29 12:0 a.m. | 23 views

GoCD Authentication Vulnerability

GoCD has released a security update to address a critical authentication vulnerability in GoCD versions 20.6.0 through 21.2.0. GoCD is an open-source Continuous Integration and Continuous Delivery system. A remote attacker could exploit this vulnerability to obtain sensitive information. CISA...

AI score 6.8
Exploits 0 | References 3

Fedora
added 2017/03/05 8:50 p.m. | 30 views

[SECURITY] Fedora 24 Update: jenkins-1.651.3-2.fc24

Jenkins is an award-winning, cross-platform, continuous integration and continuous delivery application that increases your productivity. Use Jenkins to build and test your software projects continuously making it easier for developers to integrate changes to the project, and making it easier for...

CVSS 9.8 | AI score 3.4 | EPSS 0.9765
Exploits 5

Fedora
added 2016/12/01 3:57 p.m. | 32 views

[SECURITY] Fedora 25 Update: jenkins-1.651.3-2.fc25

Jenkins is an award-winning, cross-platform, continuous integration and continuous delivery application that increases your productivity. Use Jenkins to build and test your software projects continuously making it easier for developers to integrate changes to the project, and making it easier for...

CVSS 9.8 | AI score 3.4 | EPSS 0.9765
Exploits 5

Fedora
added 2016/05/17 3:23 p.m. | 27 views

[SECURITY] Fedora 24 Update: jenkins-1.651.1-1.fc24

Jenkins is an award-winning, cross-platform, continuous integration and continuous delivery application that increases your productivity. Use Jenkins to build and test your software projects continuously making it easier for developers to integrate changes to the project, and making it easier for...

CVSS 7.5 | AI score 3.4 | EPSS 0.01721
Exploits 0

Fedora
added 2016/03/17 9:0 p.m. | 62 views

[SECURITY] Fedora 23 Update: jenkins-1.625.3-3.fc23

Jenkins is an award-winning, cross-platform, continuous integration and continuous delivery application that increases your productivity. Use Jenkins to build and test your software projects continuously making it easier for developers to integrate changes to the project, and making it easier for...

CVSS 10 | AI score 3.4 | EPSS 0.82697
Exploits 25

Fedora
added 2016/01/04 6:54 p.m. | 52 views

[SECURITY] Fedora 23 Update: jenkins-1.625.3-1.fc23

Jenkins is an award-winning, cross-platform, continuous integration and continuous delivery application that increases your productivity. Use Jenkins to build and test your software projects continuously making it easier for developers to integrate changes to the project, and making it easier for...

CVSS 8.8 | AI score 3.4 | EPSS 0.02395
Exploits 0

Fedora
added 2015/11/23 12:30 a.m. | 68 views

[SECURITY] Fedora 23 Update: jenkins-1.625.2-2.fc23

Jenkins is an award-winning, cross-platform, continuous integration and continuous delivery application that increases your productivity. Use Jenkins to build and test your software projects continuously making it easier for developers to integrate changes to the project, and making it easier for...

CVSS 7.5 | AI score 3.4 | EPSS 0.22429
Exploits 0