29 matches found
CVE-2025-70336
A stored cross-site scripting (XSS) vulnerability in 'Create New Live Item' in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the 'TITLE', 'SHORT DESCRIPTION' and 'LONG DESCRIPTION' parameters. The saved payload gets executed on 'View All Live Items' and 'Live...
EUVD-2024-16217
Malicious code in bioql PyPI...
EUVD-2024-3030
Malicious code in bioql PyPI...
CVE-2024-0422
A vulnerability was found in CodeAstro POS and Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /newitem of the component New Item Creation Page. The manipulation of the argument newitem leads to cross sit...
jenkins: Item creation restriction bypass vulnerability
A flaw was found in Jenkins. When attempting to create an item prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API, if either of these checks fail, Jenkins creates the item in memory and only deletes it from disk. This may...
jenkins: Item creation restriction bypass vulnerability
A flaw was found in Jenkins. When attempting to create an item prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API, if either of these checks fail, Jenkins creates the item in memory and only deletes it from disk. This may...
Important: Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update
An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.12. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 Openshift Jenkins security update
An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
jenkins: Item creation restriction bypass vulnerability
A flaw was found in Jenkins. When attempting to create an item prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API, if either of these checks fail, Jenkins creates the item in memory and only deletes it from disk. This may...
jenkins: Item creation restriction bypass vulnerability
A flaw was found in Jenkins. When attempting to create an item prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API, if either of these checks fail, Jenkins creates the item in memory and only deletes it from disk. This may...
ROS-20241015-08
A vulnerability in the Jenkins Automation Server is related to an issue with item creation constraint bypass. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the restrictions and create a temporary item. The Jenkins Automation Server vulnerability exists because...
BIT-JENKINS-2024-47804
If an attempt is made to create an item of a type prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API and either of these checks fail, Jenkins LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk,...
Incorrect Authorization
Jenkins is vulnerable to Incorrect Authorization. The vulnerability is due to incomplete enforcement of item creation checks, where prohibited items are created in memory and can be saved to persist them, bypassing restrictions when attackers have Item/Configure permissions...
FreeBSD : jenkins -- multiple vulnerabilities (3c6f8270-3210-4e2f-ba72-a9cdca7417a0)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3c6f8270-3210-4e2f-ba72-a9cdca7417a0 advisory. Jenkins Security Advisory: Exposure of multi-line secrets through error messages in Jenkins It...
GHSA-F9QJ-77Q2-H5C5 Jenkins item creation restriction bypass vulnerability
Jenkins provides APIs for fine-grained control of item creation: - Authorization strategies can prohibit the creation of items of a given type in a given item group (ACL#hasCreatePermission2). - Item types can prohibit creation of new instances in a given item group...
Jenkins item creation restriction bypass vulnerability
Jenkins provides APIs for fine-grained control of item creation: - Authorization strategies can prohibit the creation of items of a given type in a given item group (ACL#hasCreatePermission2). - Item types can prohibit creation of new instances in a given item group...
CVE-2024-47804
A flaw was found in Jenkins. When attempting to create an item prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API, if either of these checks fail, Jenkins creates the item in memory and only deletes it from disk. This may...
CVE-2024-47804
If an attempt is made to create an item of a type prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only...
CVE-2024-47804
If an attempt is made to create an item of a type prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only...
CVE-2024-47804
If an attempt is made to create an item of a type prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableInItemGroup through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only...