CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

922 matches found

CNNVD•added 2021/04/07 12:0 a.m.•4 views

Jenkins 安全漏洞

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An improper privilege checkin...

6.5CVSS5.8AI score0.00139EPSS

Exploits0References4

CNVD•added 2021/03/31 12:0 a.m.•7 views

CloudBees Jenkins Jabber Notifier and Control Plugin Cross-Site Request Forgery Vulnerability

6.5CVSS6.5AI score0.00047EPSS

Exploits0References1

CNVD•added 2021/03/31 12:0 a.m.•8 views

CloudBees Jenkins REST List Parameter Plugin Cross-Site Scripting Vulnerability

5.4CVSS6AI score0.00205EPSS

Exploits0References1

CNVD•added 2021/03/31 12:0 a.m.•8 views

CloudBees Jenkins Team Foundation Server Plugin Improper Authorization Vulnerability (CNVD-2021-25258)

4.3CVSS6.3AI score0.00031EPSS

Exploits0References1

CNVD•added 2021/03/31 12:0 a.m.•6 views

CloudBees Jenkins Extra Columns Plugin Cross-Site Scripting Vulnerability

5.4CVSS5.8AI score0.01259EPSS

Exploits0References1

CNVD•added 2021/03/31 12:0 a.m.•4 views

CloudBees Jenkins Cloud Statistics Plugin Improper Authorization Vulnerability

4.3CVSS6.5AI score0.00031EPSS

Exploits0References1

CNVD•added 2021/03/31 12:0 a.m.•8 views

CloudBees Jenkins Build With Parameters Plugin Cross-Site Request Forgery Vulnerability

8.8CVSS6.6AI score0.00074EPSS

Exploits0References1

CNVD•added 2021/03/31 12:0 a.m.•6 views

CloudBees Jenkins Build With Parameters Plugin Cross-Site Scripting Vulnerability

5.4CVSS5.9AI score0.01259EPSS

Exploits0References1

CNNVD•added 2021/03/30 12:0 a.m.•2 views

Jenkins Cloud Statistics 安全漏洞

4.3CVSS5.9AI score0.00031EPSS

Exploits0References5

OSV•added 2021/03/18 2:15 p.m.•1 views

CVE-2021-21625

Jenkins CloudBees AWS Credentials Plugin 1.28 and earlier does not perform a permission check in a helper method for HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins in some circumstances...

4.3CVSS5.8AI score

Exploits0References2

Prion•added 2021/03/18 2:15 p.m.•21 views

Design/Logic Flaw

4CVSS4.5AI score0.00031EPSS

Exploits0References2Affected Software1

CVE•added 2021/03/18 1:35 p.m.•72 views

CVE-2021-21625

CVE-2021-21625 affects Jenkins CloudBees AWS Credentials Plugin, version 1.28 and earlier. The underlying issue is a missing permission check in a helper method for HTTP endpoints, enabling attackers with Overall/Read permission to enumerate AWS credentials IDs stored in Jenkins under certain con...

4.3CVSS4.8AI score0.00031EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/03/18 1:35 p.m.•23 views

CVE-2021-21625

5.2AI score0.00031EPSS

Exploits0References2

Positive Technologies•added 2021/03/18 12:0 a.m.•11 views

PT-2021-14668 · Amazon +2 · Aws Parameter Store Build Wrapper +4

Name of the Vulnerable Software and Affected Versions: Jenkins CloudBees AWS Credentials Plugin versions 1.28 and earlier Description: The issue allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins under certain circumstances. This can...

4.3CVSS4.4AI score0.00031EPSS

Exploits0References7

CNNVD•added 2021/03/18 12:0 a.m.•3 views

Jenkins CloudBees AWS Credentials 安全漏洞

Jenkins CloudBees AWS Credentials is Jenkins open source an application plugin . The plugin allows storing Amazon IAM credentials in the Jenkins Credentials API. A security vulnerability exists in Jenkins CloudBees AWS Credentials Plugin 1.28 and earlier, which stems from not performing permissio...

4.3CVSS5.1AI score0.00031EPSS

Exploits0References5

CNVD•added 2021/01/29 12:0 a.m.•7 views

CloudBees Jenkins Cross-Site Scripting Vulnerability (CNVD-2021-07539)

6.1CVSS6AI score0.00241EPSS

Exploits0References1

CNVD•added 2021/01/18 12:0 a.m.•2 views

Cloudbees Jenkins and LTS Input Validation Error Vulnerability

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . LTS is a long-term support for...

4.3CVSS6.3AI score0.00235EPSS

Exploits0References1

CNVD•added 2021/01/18 12:0 a.m.•1 views

Cloudbees Jenkins and LTS Cross-Site Scripting Vulnerability (CNVD-2021-04646)

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . A cross-site scripting...

6.1CVSS6.1AI score0.00327EPSS

Exploits0References1

CNVD•added 2021/01/18 12:0 a.m.•1 views

Cloudbees Jenkins and LTS Authorization Issues Vulnerability (CNVD-2021-04647)

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . An authorization issue vulnerabilit...

6.5CVSS7AI score0.00275EPSS

Exploits0References1

CNVD•added 2021/01/14 12:0 a.m.•1 views

Cloudbees Jenkins Cross-Site Scripting Vulnerability (CNVD-2021-03558)

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . A cross-site scripting vulnerabilit...

5.4CVSS6.1AI score0.00319EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by