25 matches found

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2021-1259

Malware in sbrugna...

CVSS 4.3 | AI score 4.6 | EPSS 0.00253
Exploits 0 | References 5

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-2338

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 5.5 | EPSS 0.00151
Exploits 0 | References 5

RedhatCVE
added 2025/05/22 9:30 p.m. | 8 views

CVE-2021-21619

Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside Jenkins...

CVSS 5.4 | AI score 5.5 | EPSS 0.00151
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 7:11 p.m. | 8 views

CVE-2021-21620

A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims...

CVSS 4.3 | AI score 6.7 | EPSS 0.00253
Exploits 0 | References 1

OSV
added 2022/05/24 5:43 p.m. | 10 views

GHSA-48HR-JG4P-W4P4 XSS vulnerability in Jenkins Claim Plugin

Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name shown in claims. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside...

CVSS 5.4 | AI score 5.5 | EPSS 0.00151
Exploits 0 | References 4

Github Security Blog
added 2022/05/24 5:43 p.m. | 15 views

XSS vulnerability in Jenkins Claim Plugin

Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name shown in claims. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside...

CVSS 5.4 | AI score 4.9 | EPSS 0.00151
Exploits 0 | References 4 | Affected Software 1

Tenable Nessus
added 2021/11/19 12:0 a.m. | 41 views

Jenkins Enterprise and Operations Center < 2.222.43.0.2 rev3 / 2.249.30.0.2 rev3 / 2.263.4.1 rev2 Multiple Vulnerabilities (CloudBees Security Advisory 2021-02-24)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.222.x prior to 2.222.43.0.2 rev3, 2.249.x prior to 2.249.30.0.2 rev3, or 2.x prior to 2.263.4.1 rev2. It is, therefore, affected by multiple vulnerabilities, including the following: - A cross-sit...

CVSS 8.8 | AI score 5.9 | EPSS 0.02018
Exploits 0 | References 8

Check Point Advisories
added 2021/06/30 12:0 a.m. | 4 views

Jenkins Claim Plugin Cross-Site Scripting (CVE-2021-21619)

A stored cross-site scripting vulnerability exists in Jenkins Claim plugin. This vulnerability is due to insufficient validation of the displayName shown in claims...

CVSS 3.5 | AI score 5.4 | EPSS 0.00151
Exploits 0

Github Security Blog
added 2021/06/16 5:29 p.m. | 70 views

Cross-Site Request Forgery in the Jenkins Claim plugin

Jenkins Claim Plugin 2.18.1 and earlier does not require POST requests for the form submission endpoint assigning claims, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to change claims. Jenkins Claim Plugin 2.18.2 requires POST requests for the...

CVSS 4.3 | AI score 4.9 | EPSS 0.00253
Exploits 0 | References 3 | Affected Software 1

OSV
added 2021/06/16 5:29 p.m. | 23 views

GHSA-4FFQ-6G62-J4V4 Cross-Site Request Forgery in the Jenkins Claim plugin

Jenkins Claim Plugin 2.18.1 and earlier does not require POST requests for the form submission endpoint assigning claims, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to change claims. Jenkins Claim Plugin 2.18.2 requires POST requests for the...

CVSS 4.3 | AI score 4.8 | EPSS 0.00253
Exploits 0 | References 3

CNVD
added 2021/02/26 12:0 a.m. | 6 views

CloudBees Jenkins Claim Plugin Cross-Site Scripting Vulnerability

Jenkins Claim is an open source application plugin for Jenkins. It allows users to declare failed builds and tests from Jenkins to show that they are responsible for fixing them. A cross-site script execution vulnerability exists in Jenkins Claim Plugin version 2.18.1 and earlier. The vulnerabili...

CVSS 5.4 | AI score 5.9 | EPSS 0.00151
Exploits 0 | References 1

CNVD
added 2021/02/26 12:0 a.m. | 10 views

CloudBees Jenkins Claim Plugin Cross-Site Request Forgery Vulnerability

Jenkins Claim is a Jenkins open source application plug-in. A cross-site request forgery vulnerability exists in Jenkins Claim Plugin version 2.18.1 and earlier. The vulnerability stems from the program not making a POST request to the form submission endpoint of the assigned claim. An attacker...

CVSS 4.3 | AI score 6.4 | EPSS 0.00253
Exploits 0 | References 1

NVD
added 2021/02/24 4:15 p.m. | 16 views

CVE-2021-21620

A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims...

CVSS 4.3 | EPSS 0.00253
Exploits 0 | References 1

OSV
added 2021/02/24 4:15 p.m. | 15 views

CVE-2021-21620

A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims...

CVSS 4.3 | AI score 6.7
Exploits 0 | References 1

OSV
added 2021/02/24 4:15 p.m. | 12 views

CVE-2021-21619

Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside Jenkins...

CVSS 5.4 | AI score 5.5
Exploits 0 | References 2

NVD
added 2021/02/24 4:15 p.m. | 8 views

CVE-2021-21619

Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside Jenkins...

CVSS 5.4 | EPSS 0.00151
Exploits 0 | References 2

Prion
added 2021/02/24 4:15 p.m. | 9 views

Cross site scripting

Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside Jenkins...

CVSS 3.5 | AI score 5.3 | EPSS 0.00151
Exploits 0 | References 2 | Affected Software 1

Prion
added 2021/02/24 4:15 p.m. | 17 views

Cross site request forgery (csrf)

A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims...

CVSS 4.3 | AI score 4.6 | EPSS 0.00253
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2021/02/24 3:5 p.m. | 12 views

CVE-2021-21620

A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims...

AI score 5.3 | EPSS 0.00253
Exploits 0 | References 1

CVE
added 2021/02/24 3:5 p.m. | 72 views

CVE-2021-21620

CVE-2021-21620: Jenkins Claim Plugin 2.18.1 and earlier is vulnerable to cross-site request forgery (CSRF), allowing attackers to change claims. The issue stems from the affected endpoint not requiring proper request authentication/POST handling (per sources), enabling unauthorized claim modific...

CVSS 4.3 | AI score 4.9 | EPSS 0.00253
Exploits 0 | References 1 | Affected Software 1