Lucene search
+L

27 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-4033

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.01825EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3637

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00333EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-2208

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.01876EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-5841

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01086EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-2426

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00805EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4610

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00751EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2022-3214

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00883EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 4:29 p.m.8 views

CVE-2020-2164

Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system...

6.5CVSS6.8AI score0.00805EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:19 p.m.8 views

CVE-2020-2165

Jenkins Artifactory Plugin 3.6.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...

7.5CVSS6.8AI score0.01086EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:25 a.m.11 views

CVE-2019-10324

A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and earlier in ReleaseActiondoSubmit, GradleReleaseApiActiondoStaging, MavenReleaseApiActiondoStaging, and UnifiedPromoteBuildActiondoSubmit allowed attackers to schedule a release build, perform release staging for...

6.5CVSS6.6AI score0.00751EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:46 a.m.13 views

CVE-2019-10321

A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and earlier in ArtifactoryBuilder.DescriptorImpldoTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,...

4.3CVSS6.4AI score0.00883EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:46 a.m.9 views

CVE-2019-10323

A missing permission check in Jenkins Artifactory Plugin 3.2.3 and earlier in various 'fillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS6.4AI score0.01876EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2022/05/24 10:0 p.m.17 views

Cross-site request forgery vulnerability in Jenkins Artifactory Plugin

A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and earlier in ReleaseActiondoSubmit, GradleReleaseApiActiondoStaging, MavenReleaseApiActiondoStaging, and UnifiedPromoteBuildActiondoSubmit allowed attackers to schedule a release build, perform release staging for...

6.5CVSS6.6AI score0.00751EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/24 10:0 p.m.17 views

Jenkins Artifactory Plugin missing permission check

Jenkins Artifactory Plugin does not perform permission checks on a method implementing form validation. This allows users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials...

4.3CVSS6.5AI score0.01825EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2022/05/24 5:12 p.m.23 views

GHSA-XQF6-5GRH-6223 Passwords transmitted in plain text by Jenkins Artifactory Plugin

Jenkins Artifactory Plugin 3.6.0 and earlier stores Artifactory server passwords in its global configuration file org.jfrog.hudson.ArtifactoryBuilder.xml on the Jenkins controller as part of its configuration. While the password is stored encrypted on disk since Artifactory Plugin 3.6.0, it is...

3.1CVSS7.3AI score0.01086EPSS
Exploits0References4
NVD
NVD
added 2020/03/25 5:15 p.m.26 views

CVE-2020-2165

Jenkins Artifactory Plugin 3.6.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...

7.5CVSS7.5AI score0.01086EPSS
Exploits0References2
NVD
NVD
added 2020/03/25 5:15 p.m.27 views

CVE-2020-2164

Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system...

6.5CVSS6.5AI score0.00805EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/03/25 4:5 p.m.29 views

CVE-2020-2165

Jenkins Artifactory Plugin 3.6.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure...

7.5AI score0.01086EPSS
Exploits0References2
Talos
Talos
added 2019/06/04 12:0 a.m.155 views

Jenkins Artifactory Plugin fillCredentialsIdItems information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the fillCredentialsIdItems endpoint of the Jenkins Artifactory Plugin 3.2.0 and 3.2.1. As a result of this vulnerability a crafted HTTP request from a user with Overall/Read permissions - such as an anonymous user, if enabled -...

4.3CVSS4.5AI score0.01876EPSS
Exploits1
NVD
NVD
added 2019/05/31 3:29 p.m.24 views

CVE-2019-10324

A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and earlier in ReleaseActiondoSubmit, GradleReleaseApiActiondoStaging, MavenReleaseApiActiondoStaging, and UnifiedPromoteBuildActiondoSubmit allowed attackers to schedule a release build, perform release staging for...

6.5CVSS6.4AI score0.00751EPSS
Exploits0References3
Rows per page
Query Builder