CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

Tenable Nessus•added 2023/09/07 12:0 a.m.•57 views

Jenkins plugins Multiple Vulnerabilities (2023-09-06)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Job Configuration History Plugin 1227.v7a79fc4dc01f and earlier does not restrict the 'name' query parameter when rendering a histo...

8.8CVSS6.7AI score0.06937EPSS

Exploits0References20

NVD•added 2023/09/06 1:15 p.m.•18 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS5AI score0.00056EPSS

Exploits0References2

OSV•added 2023/09/06 1:15 p.m.•2 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS5.7AI score0.00056EPSS

Exploits0References2

Prion•added 2023/09/06 1:15 p.m.•16 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS4.6AI score0.00056EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/09/06 12:9 p.m.•11 views

CVE-2023-41944

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not escape the queue name parameter passed to a form validation URL, when rendering an error message, resulting in an HTML injection vulnerability...

6.7AI score0.002EPSS

Exploits0References2

CVE•added 2023/09/06 12:9 p.m.•103 views

CVE-2023-41944

CVE-2023-41944 concerns the Jenkins AWS CodeCommit Trigger Plugin (versions

6.1CVSS6.2AI score0.002EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/09/06 12:9 p.m.•18 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

5.3AI score0.00056EPSS

Exploits0References2

Vulnrichment•added 2023/09/06 12:9 p.m.•11 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

6.7AI score0.00056EPSS

Exploits0References2

Cvelist•added 2023/09/06 12:8 p.m.•16 views

CVE-2023-41941

A missing permission check in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins...

5.2AI score0.00088EPSS

Exploits0References2

AlpineLinux•added 2023/09/06 12:8 p.m.•44 views

CVE-2023-41941

4.3CVSS6.7AI score0.00088EPSS

Exploits0References2

Vulnrichment•added 2023/09/06 12:8 p.m.•15 views

CVE-2023-41941

6.4AI score0.00088EPSS

Exploits0References2

CNNVD•added 2023/09/06 12:0 a.m.•2 views

Jenkins Plugin AWS CodeCommit Trigger Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is a software application. Jenkins Plugin AWS...

4.3CVSS6.7AI score0.00088EPSS

Exploits0References4

CNNVD•added 2023/09/06 12:0 a.m.•2 views

Jenkins Plugin AWS CodeCommit Trigger Security Vulnerability

6.5CVSS6.7AI score0.00078EPSS

Exploits0References4

CNNVD•added 2023/09/06 12:0 a.m.•3 views

Jenkins Plugin AWS CodeCommit Trigger Cross-Site Scripting Vulnerability

6.1CVSS7.1AI score0.002EPSS

Exploits0References4

CNNVD•added 2023/09/06 12:0 a.m.•2 views

Jenkins Plugin AWS CodeCommit Trigger Cross-Site Request Forgery Vulnerability

4.3CVSS6.7AI score0.00056EPSS

Exploits0References4

Positive Technologies•added 2023/09/06 12:0 a.m.•3 views

PT-2023-28181 · Jenkins · Jenkins Aws Codecommit Trigger Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins AWS CodeCommit Trigger Plugin versions 3.0.12 and earlier Description: The issue arises from a lack of permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue. This can be exploited...

6.5CVSS6.2AI score0.00078EPSS

Exploits0References7

Tenable Nessus•added 2023/06/16 12:0 a.m.•48 views

Jenkins plugins Multiple Vulnerabilities (2023-06-14)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default. CVE-2023-3514...

8.1CVSS6.2AI score0.15358EPSS

Exploits0References11

OSV•added 2023/06/14 1:15 p.m.•3 views

CVE-2023-35147

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not restrict the AWS SQS queue name path parameter in an HTTP endpoint, allowing attackers with Item/Read permission to obtain the contents of arbitrary files on the Jenkins controller file system...

6.5CVSS5.9AI score0.00562EPSS

Exploits0References2

Vulnrichment•added 2023/06/14 12:53 p.m.•59 views

CVE-2023-35147

7AI score0.00562EPSS

Exploits0References2

CNNVD•added 2023/06/14 12:0 a.m.•3 views

Jenkins Plugin AWS CodeCommit Trigger 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin A security...

6.5CVSS6.7AI score0.00562EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by