Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/10/30 2:13 p.m.5 views

CVE-2025-64149

A cross-site request forgery CSRF vulnerability in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.4CVSS6.6AI score0.00188EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/29 1:29 p.m.8 views

CVE-2025-64141

A cross-site request forgery CSRF vulnerability in Jenkins Nexus Task Runner Plugin 0.9.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

0.0019EPSS
Exploits0References1
CVE
CVE
added 2024/10/08 8:40 a.m.69 views

CVE-2024-46886

CVE-2024-46886 affects Siemens SIMATIC S7-1500/S7-1200 CPUs; the vulnerability lies in the web server’s handling of input used for user redirection. This improper validation can let an attacker cause a user to be redirected to an attacker‑controlled URL, requiring the user to click an attacker‑cr...

5.1CVSS6.9AI score0.00368EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/02/12 10:27 a.m.5 views

jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials

A flaw was found in the blueocean Jenkins plugin. Affected versions of this plugin allow attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job...

8.8CVSS5.7AI score0.00537EPSS
Exploits0References5
OSV
OSV
added 2023/07/12 4:15 p.m.4 views

CVE-2023-37952

A cross-site request forgery CSRF vulnerability in Jenkins mabl Plugin 0.0.46 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS5.7AI score0.00376EPSS
Exploits0References2
OSV
OSV
added 2023/02/16 6:37 p.m.18 views

GO-2023-1567 Open redirect in github.com/caddyserver/caddy/v2

Due to improper request sanitization, a crafted URL can cause the static file handler to redirect to an attacker chosen URL, allowing for open redirect attacks...

6.1CVSS6.1AI score0.01431EPSS
Exploits1References3
OSV
OSV
added 2021/04/14 8:4 p.m.27 views

GO-2020-0039 Open redirect in gopkg.in/macaron.v1

Due to improper request sanitization, a specifically crafted URL can cause the static file handler to redirect to an attacker chosen URL, allowing for open redirect attacks...

6.1CVSS6.1AI score0.01375EPSS
Exploits1References3
Rows per page
Query Builder