CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

568 matches found

RedhatCVE•added 2026/01/09 10:10 a.m.•6 views

CVE-2019-11350

CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial license exists, allows Cleartext Password Storage and Retrieval via the proxy configuration page...

9.8CVSS6.9AI score0.00345EPSS

Exploits0References1

Veracode•added 2025/12/13 5:22 a.m.•4 views

Cross-site Scripting (XSS)

org.jenkins-ci.plugins:cloudbees-jenkins-advisor is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper escaping of server responses, which allows an attacker to inject malicious scripts that execute in the context of users viewing the affected content...

8.8CVSS5.8AI score0.00116EPSS

Exploits0References4Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-3029

Malware in sbrugna...

9.8CVSS9.5AI score0.00345EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-4967

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00125EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-4826

Malicious code in bioql PyPI...

3.5CVSS6.2AI score0.00085EPSS

Exploits0References7

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-4982

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00132EPSS

Exploits0References5

Snyk•added 2025/05/14 9:31 p.m.•5 views

Cross-site Scripting (XSS)

Overview org.jenkins-ci.plugins:cloudbees-jenkins-advisor is a plugin that proactively notifies you of problems with your Jenkins-based environment. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the failure to escape responses from the server. An attacker can...

8.8CVSS5.2AI score0.00116EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 5:30 a.m.•3 views

SUSE CVE-2014-2068

The doIndex function in hudson/util/RemotingDiagnostics.java in CloudBees Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users with the ADMINISTER permission to obtain sensitive information via vectors related to heapDump...

3.5CVSS6.1AI score0.00085EPSS

Exploits0References3

OSV•added 2022/05/17 3:53 a.m.•2 views

GHSA-PV88-J6RG-R56P Jenkins allows attackers to obtain sensitive information

3.5CVSS5.9AI score0.00085EPSS

Exploits0References5

CNVD•added 2021/09/01 12:0 a.m.•22 views

CloudBees Jenkins Nomad Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is a Java-based continuous integration tool developed by CloudBees, Inc. An information disclosure vulnerability exists in CloudBees Jenkins Nomad Plugin 0.7.4 and prior versions. The vulnerability is caused by the program storing unencrypted Docker passwords in the...

5.5CVSS0.4AI score0.00011EPSS

Exploits0References1

CNNVD•added 2021/08/31 12:0 a.m.•2 views

Jenkins 安全漏洞

5.5CVSS5.7AI score0.00011EPSS

Exploits0References3

CNVD•added 2021/05/26 12:0 a.m.•8 views

CloudBees Jenkins Filesystem Trigger Plugin XML External Entity Injection Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An XML external entity...

8.8CVSS7AI score0.00163EPSS

Exploits0References1

CNVD•added 2021/05/26 12:0 a.m.•7 views

CloudBees Jenkins Nuget Plugin XML External Entity Injection Vulnerability

9.1CVSS6.8AI score0.00686EPSS

Exploits0References1

CNVD•added 2021/05/26 12:0 a.m.•7 views

CloudBees Jenkins URLTrigger Plugin XML External Entity Injection Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software release/testing projects and some timed tasks . URLTrigger Plugin is used in one of the plugin used t...

8.1CVSS6.9AI score0.00289EPSS

Exploits0References1

CNVD•added 2021/05/12 12:0 a.m.•7 views

CloudBees Jenkins Dashboard View Plugin Cross-Site Scripting Vulnerability (CNVD-2021-36583)

5.4CVSS6AI score0.00188EPSS

Exploits0References1

CNVD•added 2021/05/12 12:0 a.m.•8 views

CloudBees Jenkins S3 publisher Plugin authorization issue vulnerability (CNVD-C-2021-118103)

4.3CVSS6.6AI score0.00065EPSS

Exploits0References1

CNVD•added 2021/05/12 12:0 a.m.•6 views

CloudBees Jenkins Xcode Integration Plugin XML External Entity Injection Vulnerability