Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2702

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00761EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 7:53 a.m.10 views

CVE-2018-1999037

A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...

4.3CVSS6.6AI score0.00761EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/05/14 2:45 a.m.6 views

org.jenkins-ci.plugins.nodesharing:foreman-node-sharing (>=1.2.8 <=1.2.9), org.jenkins-ci.plugins:foreman-node-sharing (>=1.2.0 <=1.2.3) potentially affected by CVE-2018-1999037 via org.jenkins-ci.plugins:resource-disposer (=0.1)

org.jenkins-ci.plugins:resource-disposer MAVEN version =0.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:resource-disposer and may be impacted: - org.jenkins-ci.plugins.nodesharing:foreman-node-sharing =1.2.8, =1.2.0, =1.2.3...

4.3CVSS5.5AI score0.00761EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2022/05/14 2:45 a.m.23 views

Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource

A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a specified resource. Additionally, this API endpoint did not require POST requests, resulting in a CSRF vulnerability. As of version...

4.3CVSS4.8AI score0.00761EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/14 2:45 a.m.21 views

GHSA-63JG-5WV6-7GHV Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource

A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a specified resource. Additionally, this API endpoint did not require POST requests, resulting in a CSRF vulnerability. As of version...

3.1CVSS4.4AI score0.00761EPSS
Exploits0References4
CNVD
CNVD
added 2018/08/08 12:0 a.m.2 views

CloudBees Jenkins Resource Disposer Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Resource Disposer Plugin is used in...

4.3CVSS5.1AI score0.00761EPSS
Exploits0References1
Prion
Prion
added 2018/08/01 1:29 p.m.14 views

Design/Logic Flaw

A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...

4CVSS4.4AI score0.00761EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/08/01 1:29 p.m.31 views

CVE-2018-1999037

A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...

4.3CVSS4.5AI score0.00761EPSS
Exploits0References1
OSV
OSV
added 2018/08/01 1:29 p.m.15 views

CVE-2018-1999037

A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...

4.3CVSS6.6AI score
Exploits0References1
Cvelist
Cvelist
added 2018/08/01 1:0 p.m.60 views

CVE-2018-1999037

A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...

4.5AI score0.00761EPSS
Exploits0References1
CVE
CVE
added 2018/08/01 1:0 p.m.67 views

CVE-2018-1999037

CVE-2018-1999037 affects Jenkins Resource Disposer Plugin up to version 0.11. The vulnerability is in AsyncResourceDisposer.java and allows an attacker to stop tracking a resource (data modification). Related advisories confirm an additional CSRF weakness in the API endpoint prior to version 0.12...

4.3CVSS4.4AI score0.00761EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2014/04/17 11:30 a.m.3 views

OpenJDK: Java2d Disposer security bypass (2D, 8017287)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...

10CVSS6.8AI score0.07188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/12/05 5:32 p.m.3 views

OpenJDK: Java2d Disposer security bypass (2D, 8017287)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...

10CVSS6.8AI score0.07188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/11/07 4:47 p.m.2 views

OpenJDK: Java2d Disposer security bypass (2D, 8017287)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...

10CVSS6.8AI score0.07188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/11/07 4:46 p.m.2 views

OpenJDK: Java2d Disposer security bypass (2D, 8017287)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...

10CVSS6.8AI score0.07188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/10/22 5:13 p.m.3 views

OpenJDK: Java2d Disposer security bypass (2D, 8017287)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...

10CVSS6.8AI score0.07188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/10/17 5:31 p.m.3 views

OpenJDK: Java2d Disposer security bypass (2D, 8017287)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...

10CVSS6.8AI score0.07188EPSS
Exploits0References5
Rows per page
Query Builder