7 matches found

EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2022-2710

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 5.1 | EPSS 0.00031
Exploits: 0 | References: 4

OSV
added 2025/01/31 5:34 p.m., 23 views

GHSA-88M4-H43F-WX84 PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext

Summary: While rebuilding PMD Designer for Reproducible Builds and digging into issues, I found out that the passphrase for gpg.keyname=0xD0BF1D737C9A1C22 is included in the jar published to Maven Central. Details: See...

CVSS 9.3 | AI score 6.3 | EPSS 0.00143
Exploits: 0 | References: 8

OSV
added 2022/05/24 5:08 p.m., 16 views

GHSA-64JR-GGW8-H9JC Credentials stored in plain text by debian-package-builder Plugin

debian-package-builder Plugin 1.6.11 and earlier stores a GPG passphrase unencrypted in its global configuration file ru.yandex.jenkins.plugins.debuilder.DebianPackageBuilder.xml on the Jenkins controller. This credential can be viewed by users with access to the Jenkins controller file system...

CVSS 3.3 | AI score 4.4 | EPSS 0.00031
Exploits: 0 | References: 4

Github Security Blog
added 2022/05/24 5:08 p.m., 23 views

Credentials stored in plain text by debian-package-builder Plugin

debian-package-builder Plugin 1.6.11 and earlier stores a GPG passphrase unencrypted in its global configuration file ru.yandex.jenkins.plugins.debuilder.DebianPackageBuilder.xml on the Jenkins controller. This credential can be viewed by users with access to the Jenkins controller file system...

CVSS 4.3 | AI score 4.9 | EPSS 0.00031
Exploits: 0 | References: 4 | Affected Software: 1

Ubuntu
added 2021/03/15 10:21 p.m., 50 views

USN-4839-1: python-gnupg vulnerabilities

Marcus Brinkmann discovered that python-gnupg improperly handled certain command line parameters. A remote attacker could use this to spoof the output of python-gnupg and cause unsigned e-mail to appear signed. (CVE-2018-12020) It was discovered that python-gnupg incorrectly handled the GPG...

CVSS 7.5 | AI score 7.1 | EPSS 0.21434
Exploits: 2

Cvelist
added 2020/02/12 2:35 p.m., 10 views

CVE-2020-2125

Jenkins Debian Package Builder Plugin 1.6.11 and earlier stores a GPG passphrase unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system...

AI score 4.5 | EPSS 0.00031
Exploits: 0 | References: 2

Positive Technologies
added 2020/02/12 12:00 a.m., 4 views

PT-2020-15333 · Jenkins · Jenkins Debian Package Builder Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Debian Package Builder Plugin versions 1.6.11 and earlier. Description: The issue concerns the storage of a GPG passphrase in an unencrypted manner within the global configuration file on the Jenkins master or controller. This file can...

CVSS 4.3 | AI score 4.3 | EPSS 0.00031
Exploits: 0 | References: 7