CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

171 matches found

Gitee•added 2020/02/25 7:21 p.m.•3 views

Exploit for Incorrect Authorization in Jenkins Git

CVE-2018-1000110: User and Node Enumeration Through Jenkins Git Plugin v3.7 Description: An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users. Versions...

5.3CVSS6.9AI score0.11087EPSS

Exploits2

Prion•added 2019/02/06 4:29 p.m.•24 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record...

4.3CVSS4.4AI score0.00651EPSS

Exploits0References3Affected Software2

NVD•added 2019/02/06 4:29 p.m.•18 views

CVE-2019-1003010

4.3CVSS4.4AI score0.00651EPSS

Exploits0References3

OSV•added 2019/02/06 4:29 p.m.•16 views

CVE-2019-1003010

4.3CVSS6.4AI score

Exploits0References3

CVE•added 2019/02/06 4:0 p.m.•94 views

CVE-2019-1003010

The CVE-2019-1003010 entry concerns Jenkins Git Plugin (versions 3.9.1 and earlier). The issue is a cross-site request forgery in src/main/java/hudson/plugins/git/GitTagAction.java that lets an attacker create a Git tag in a workspace and attach metadata to a build record. The documents do not sp...

4.3CVSS4.3AI score0.00651EPSS

Exploits0References3Affected Software1

AlpineLinux•added 2019/02/06 4:0 p.m.•31 views

CVE-2019-1003010

4.3CVSS5.1AI score0.00651EPSS

Exploits0References3

Cvelist•added 2019/02/06 4:0 p.m.•19 views

CVE-2019-1003010

4.8AI score0.00651EPSS

Exploits0References3

CNVD•added 2018/06/07 12:0 a.m.•3 views

CloudBees Jenkins Git Plugin Multiple File Server-Side Request Forgery Vulnerability

CloudBees Jenkins is the U.S. CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and a number of timed tasks . Git Plugin is used in one of the version control plugin . A...

6.4CVSS6.6AI score0.00039EPSS

Exploits0References1

RedhatCVE•added 2018/06/06 2:51 p.m.•30 views

CVE-2018-1000182

A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a...

6.4CVSS5.5AI score0.00039EPSS

Exploits0References2

NVD•added 2018/06/05 8:29 p.m.•20 views

CVE-2018-1000182

6.4CVSS6.3AI score0.00039EPSS

Exploits0References1

Prion•added 2018/06/05 8:29 p.m.•20 views

Server side request forgery (ssrf)

5.5CVSS6.2AI score0.00039EPSS

Exploits0References1Affected Software1

OSV•added 2018/06/05 8:29 p.m.•23 views

CVE-2018-1000182

6.4CVSS6.5AI score

Exploits0References1

Cvelist•added 2018/06/05 8:0 p.m.•19 views

CVE-2018-1000182

6.6AI score0.00039EPSS

Exploits0References1

AlpineLinux•added 2018/06/05 8:0 p.m.•32 views

CVE-2018-1000182

6.4CVSS5.5AI score0.00039EPSS

Exploits0References1

CVE•added 2018/06/05 8:0 p.m.•87 views

CVE-2018-1000182

A server-side request forgery (SSRF) vulnerability exists in Jenkins Git Plugin 3.9.0 and older. In AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, and ViewGitWeb.java, attackers with Overall/Read access can cause Jenkins to send a GET request to a...

6.4CVSS6.2AI score0.00039EPSS

Exploits0References1Affected Software1

CNVD•added 2018/03/27 12:0 a.m.•2 views

Jenkins Git Plugin Information Disclosure Vulnerability

Jenkins is an open source software project , is based on Java development of a continuous integration tool . A security vulnerability exists in the GitStatus.java file in Jenkins Git Plugin 3.7.0 and earlier versions. An attacker can exploit the vulnerability to obtain a list of nodes and users...

5.3CVSS6.8AI score0.11087EPSS

Exploits2References1

Veracode•added 2018/03/14 1:36 a.m.•11 views

Information Disclosure Through Authorization Bypass

Jenkins Git Plugin is vulnerable to information disclosure through authorization bypass. The vulnerability allows users without Overall/Read permission to submit search queries to retrieve a list of user names and node names...

5.3CVSS4.9AI score0.11087EPSS

Exploits2References2Affected Software1

OSV•added 2018/03/13 1:29 p.m.•19 views

CVE-2018-1000110

An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users...

5.3CVSS5.4AI score

Exploits0References1

NVD•added 2018/03/13 1:29 p.m.•13 views

CVE-2018-1000110

An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users...

5.3CVSS5AI score0.11087EPSS

Exploits2References1

Prion•added 2018/03/13 1:29 p.m.•15 views

Authorization

An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users...

5CVSS5AI score0.11087EPSS

Exploits2References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by