Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-45830

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00422EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:27 a.m.5 views

CVE-2024-52032

Mattermost versions 10.0.x = 10.0.0 and 9.11.x = 9.11.2 fail to properly query ElasticSearch when searching for the channel name in channel switcher which allows an attacker to get private channels names of channels that they are not a member of, when Elasticsearch v8 was enabled...

4.3CVSS6.7AI score0.00422EPSS
Exploits0References1
NVD
NVDadded 2024/11/09 6:15 p.m.12 views

CVE-2024-52032

Mattermost versions 10.0.x = 10.0.0 and 9.11.x = 9.11.2 fail to properly query ElasticSearch when searching for the channel name in channel switcher which allows an attacker to get private channels names of channels that they are not a member of, when Elasticsearch v8 was enabled...

4.3CVSS0.00422EPSS
Exploits0References1
CNVD
CNVDadded 2022/07/04 12:0 a.m.22 views

Jenkins Elasticsearch Query Plugin信息泄露漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.An information disclosure vulnerability...

6.5CVSS0.9AI score0.00301EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2022/07/01 12:1 a.m.21 views

Plaintext Storage of a Password in Jenkins Elasticsearch Query Plugin

Jenkins Elasticsearch Query Plugin 1.2 and earlier stores a password unencrypted in its global configuration file org.jenkinsci.plugins.elasticsearchquery.ElasticsearchQueryBuilder.xml on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...

6.5CVSS6.3AI score0.00301EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2022/06/30 6:15 p.m.1 views

CVE-2022-34807

Jenkins Elasticsearch Query Plugin 1.2 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...

6.5CVSS5.9AI score0.00301EPSS
Exploits0References2
NVD
NVDadded 2022/06/30 6:15 p.m.10 views

CVE-2022-34807

Jenkins Elasticsearch Query Plugin 1.2 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...

6.5CVSS0.00301EPSS
Exploits0References1
CVE
CVEadded 2022/06/30 5:48 p.m.268 views

CVE-2022-34807

CVE-2022-34807 affects Jenkins Elasticsearch Query Plugin 1.2 and earlier. The flaw exposes a password stored unencrypted in the plugin’s global configuration file on the Jenkins controller, enabling access to the password by anyone with Jenkins controller filesystem access. Practically, this is ...

6.5CVSS6.7AI score0.00301EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2022/06/30 12:0 a.m.2 views

PT-2022-22359 · Jenkins · Jenkins Elasticsearch Query Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Elasticsearch Query Plugin versions 1.2 and earlier Description: The issue concerns the storage of a password in an unencrypted form within the global configuration file on the Jenkins controller. Specifically, the password is stored ...

6.5CVSS6.3AI score0.00301EPSS
Exploits0References4
Rows per page
Query Builder