Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

922 matches found

CNVD
CNVDadded 2015/11/26 12:0 a.m.3 views

CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2015-07826)

CloudBees Jenkins is the open source continuous integration server. CloudBees Jenkins 1.638, LTS 1.625.2 or earlier, an XML external entity vulnerability exists in the create-job CLI command, which can be used by a remote attacker to read arbitrary files through the constructed job configuration,...

5CVSS7AI score0.00183EPSS
Exploits0References1
CNVD
CNVDadded 2015/11/26 12:0 a.m.2 views

CloudBees Jenkins CI Information Disclosure Vulnerability

CloudBees Jenkins CI formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . An information disclosure vulnerability exists in CloudBees Jenkins CI, which can be exploited by attackers to bypass security restrictions a...

5CVSS6.4AI score0.00164EPSS
Exploits0References1
CNVD
CNVDadded 2015/11/26 12:0 a.m.1 views

CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2015-07825)

CloudBees Jenkins is the open source continuous integration server. A security vulnerability exists in the sidepanel widget in the CLI command overview and help pages of CloudBees Jenkins 1.638, LTS before 1.625.2, which allows remote attackers to obtain sensitive information by directly requesti...

5CVSS6.8AI score0.00121EPSS
Exploits0References1
CNVD
CNVDadded 2015/11/26 12:0 a.m.4 views

CloudBees Jenkins Cross-Site Scripting Vulnerability (CNVD-2015-07821)

CloudBees Jenkins is the open source continuous integration server. A cross-site scripting vulnerability exists in CloudBees Jenkins 1.638, LTS versions prior to 1.625.2, in the slave overview page, where a remote user with certain privileges can inject web script or HTML via a slave offline stat...

4.3CVSS6AI score0.00092EPSS
Exploits0References1
CNVD
CNVDadded 2015/11/26 12:0 a.m.3 views

CloudBees Jenkins CI Security Bypass Vulnerability

CloudBees Jenkins CI formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A security bypass vulnerability exists in CloudBees Jenkins CI, which can be exploited by attackers to bypass security restrictions and perfo...

7.5CVSS6.9AI score0.00086EPSS
Exploits0References1
CNVD
CNVDadded 2015/11/26 12:0 a.m.2 views

CloudBees Jenkins CSRF Mechanism Bypass Vulnerability

CloudBees Jenkins is the open source continuous integration server. CloudBees Jenkins 1.638, LTS 1.625.2 before the version , the use of public salt to generate CSRF protection tokens , remote attackers through brute-force attacks can bypass the CSRF protection mechanism...

6.8CVSS7AI score0.00076EPSS
Exploits0References1
CNVD
CNVDadded 2015/11/26 12:0 a.m.1 views

CloudBees Jenkins Elevation of Privilege Vulnerability

CloudBees Jenkins is the open source continuous integration server. A security vulnerability exists in CloudBees Jenkins versions prior to 1.638, LTS 1.625.2, which can be exploited by remote administrators to gain elevated privileges to run scripts via another user's API token...

6.5CVSS7.1AI score0.00165EPSS
Exploits0References1
CNVD
CNVDadded 2015/11/26 12:0 a.m.1 views

CloudBees Jenkins Arbitrary Code Execution Vulnerability

CloudBees Jenkins is the U.S. CloudBees company a set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . An arbitrary code execution vulnerability...

6.8CVSS8.2AI score0.00353EPSS
Exploits0References1
CNVD
CNVDadded 2015/10/22 12:0 a.m.1 views

CloudBees Jenkins CI and LTS API token-issuing service vulnerability

CloudBees Jenkins CI formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. LTS Long-Term Support is a long-supported version of CloudBees Jenkins CI. A security vulnerability exists in the API token-issuing service in CloudBees Jenkins CI versions...

7.5CVSS7.2AI score0.00239EPSS
Exploits0References1
CNVD
CNVDadded 2015/10/22 12:0 a.m.2 views

CloudBees Jenkins CI and LTS Create Reserved Names Vulnerability

CloudBees Jenkins CI formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. LTS Long-Term Support is a long-supported version of CloudBees Jenkins CI. A security vulnerability exists in the HudsonPrivateSecurityRealm class in CloudBees Jenkins CI...

4.6CVSS7.2AI score0.00433EPSS
Exploits0References1
CNVD
CNVDadded 2015/10/22 12:0 a.m.1 views

CloudBees Jenkins Cross-Site Scripting Vulnerability

CloudBees Jenkins is the U.S. CloudBees company a set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . CloudBees Jenkins versions prior to 1.606 LTS...

4.3CVSS6AI score0.00215EPSS
Exploits0References1
CNVD
CNVDadded 2015/10/22 12:0 a.m.1 views

CloudBees Jenkins CI and LTS Cross-Site Scripting Vulnerability

CloudBees Jenkins CI formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. LTS Long-Term Support is a long-supported version of CloudBees Jenkins CI. A cross-site scripting vulnerability exists in CloudBees Jenkins CI versions prior to 1.606 and LT...

4.3CVSS6.1AI score0.00215EPSS
Exploits0References1
CNVD
CNVDadded 2015/10/22 12:0 a.m.2 views

CloudBees Jenkins CI and LTS Directory Traversal Vulnerability

CloudBees Jenkins CI formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A directory traversal vulnerability exists in CloudBees Jenkins CI versions prior to 1.600 and LTS versions prior to 1.596.1. A remote attack...

3.5CVSS6.9AI score0.00128EPSS
Exploits0References1
CNVD
CNVDadded 2015/10/22 12:0 a.m.3 views

CloudBees Jenkins CI and LTS Scripting Vulnerabilities

CloudBees Jenkins CI formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. LTS Long-Term Support is a long-supported version of CloudBees Jenkins CI. A security vulnerability exists in the Combination filter Groovy script in CloudBees Jenkins CI...

6.5CVSS8AI score0.00639EPSS
Exploits0References1
CNVD
CNVDadded 2015/10/22 12:0 a.m.2 views

CloudBees Jenkins CI and LTS Denial of Service Vulnerability

CloudBees Jenkins CI formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A security vulnerability exists in CloudBees Jenkins CI versions prior to 1.600 and LTS versions prior to 1.596.1. A remote attacker can...

3.5CVSS6.8AI score0.00175EPSS
Exploits0References1
Prion
Prionadded 2014/10/17 3:55 p.m.15 views

Design/Logic Flaw

The doIndex function in hudson/util/RemotingDiagnostics.java in CloudBees Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users with the ADMINISTER permission to obtain sensitive information via vectors related to heapDump...

3.5CVSS6AI score0.00085EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCveadded 2014/10/17 3:55 p.m.23 views

CVE-2014-2068

The doIndex function in hudson/util/RemotingDiagnostics.java in CloudBees Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users with the ADMINISTER permission to obtain sensitive information via vectors related to heapDump...

3.5CVSS5.9AI score0.00085EPSS
Exploits0References2
Cvelist
Cvelistadded 2014/10/17 3:0 p.m.23 views

CVE-2014-2068

The doIndex function in hudson/util/RemotingDiagnostics.java in CloudBees Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users with the ADMINISTER permission to obtain sensitive information via vectors related to heapDump...

8.6AI score0.00085EPSS
Exploits0References3
CVE
CVEadded 2014/10/17 3:0 p.m.56 views

CVE-2014-2068

CVE-2014-2068 affects CloudBees Jenkins before 1.551 and the LTS line before 1.532.2. The doIndex function in hudson/util/RemotingDiagnostics.java enables remote authenticated users with ADMINISTER permission to obtain sensitive information via heapDump-related vectors. Impact is information disc...

3.5CVSS8.4AI score0.00085EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessusadded 2013/03/06 12:0 a.m.120 views

Jenkins Detection

The remote web server hosts Jenkins, a job scheduling / management system and a drop-in replacement for Hudson. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65054; scriptversion"1.20"; scriptsetattributeattribute:"pluginmodificationdate", value:"2024/10/03";...

5.4AI score
Exploits0References2
Rows per page
Query Builder