
9 matches found

Packet Storm News
added 2025/09/23 12:0 a.m. · 8 views

LLM-Based Vulnerability Discovery through the Lens of Code Metrics

Large language models (LLMs) excel in many tasks of software engineering, yet progress in leveraging them for vulnerability discovery has stalled in recent years. To understand this phenomenon, we investigate LLMs through the lens of classic code metrics. Surprisingly, we find that a classifier...

7.1 AI score
Exploits 0
OSV
added 2023/04/02 9:30 p.m. · 10 views

GHSA-8J88-2HFC-5RF3 Jenkins Visual Studio Code Metrics Plugin vulnerable to XML external entity (XXE) attacks

Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers able to control VS Code Metrics File contents to have Jenkins parse a crafted XML document that uses external entities for extraction of...

7.1 CVSS · 8.1 AI score · 0.00361 EPSS
Exploits 0 · References 3
Github Security Blog
added 2023/04/02 9:30 p.m. · 18 views

Jenkins Visual Studio Code Metrics Plugin vulnerable to XML external entity (XXE) attacks

Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers able to control VS Code Metrics File contents to have Jenkins parse a crafted XML document that uses external entities for extraction of...

8.2 CVSS · 8 AI score · 0.00361 EPSS
Exploits 0 · References 3 · Affected Software 1
CVE
added 2023/03/23 11:26 a.m. · 242 views

CVE-2023-28681

CVE-2023-28681 affects Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier. The vulnerability arises because the plugin’s XML parser is not configured to prevent XML external entity (XXE) attacks, which can allow an attacker to cause the Jenkins controller/server-side processing to reveal s...

8.2 CVSS · 8.2 AI score · 0.00361 EPSS
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2023/03/23 11:26 a.m. · 8 views

CVE-2023-28681

Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

8.3 AI score · 0.00361 EPSS
Exploits 0 · References 1
Cvelist
added 2023/03/23 11:26 a.m. · 13 views

CVE-2023-28681

Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

8.5 AI score · 0.00361 EPSS
Exploits 0 · References 1
CNNVD
added 2023/03/23 12:0 a.m. · 1 views

Jenkins Plugins Visual Studio Code Metrics code issue vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. Jenkins Plugins A securit...

8.2 CVSS · 7.8 AI score · 0.00361 EPSS
Exploits 0 · References 3
Positive Technologies
added 2023/03/23 12:0 a.m. · 3 views

PT-2023-21900 · Jenkins · Jenkins Visual Studio Code Metrics Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Visual Studio Code Metrics Plugin versions 1.7 and earlier. Description: The issue is related to the XML parser not being configured to prevent XML external entity (XXE) attacks. This allows attackers who can control VS Code Metrics File...

8.2 CVSS · 8 AI score · 0.00361 EPSS
Exploits 0 · References 7
Tenable Nessus
added 2010/11/02 12:0 a.m. · 168 views

Atlassian FishEye Code Metrics Report Plugin XSS

The version of Atlassian FishEye running on the remote host has a cross-site scripting vulnerability. The Code Metrics Report Plugin does not properly sanitize user input. A remote attacker could exploit this by tricking a user into making a maliciously crafted request, resulting in the execution...

5.4 AI score
Exploits 0 · References 2