Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1418

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00362EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 3:37 a.m.9 views

CVE-2023-28671

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4.3CVSS6.6AI score0.00361EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:37 a.m.10 views

CVE-2023-28674

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...

8.8CVSS6.7AI score0.00362EPSS
Exploits0References1
OSV
OSV
added 2023/04/02 9:30 p.m.15 views

GHSA-X263-HP5C-P2RJ Jenkins OctoPerf Load Testing Plugin vulnerable to Cross-site Request Forgery

OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to a previously configured Octoperf server using attacker-specified credentials. Additionally, these endpoints do not...

4.3CVSS8.7AI score0.00362EPSS
Exploits0References2
OSV
OSV
added 2023/04/02 9:15 p.m.5 views

CVE-2023-28675

A missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...

4.3CVSS5.8AI score0.00425EPSS
Exploits0References1
NVD
NVD
added 2023/04/02 9:15 p.m.21 views

CVE-2023-28671

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4.3CVSS5AI score0.00361EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/23 11:26 a.m.8 views

CVE-2023-28675

A missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...

4.4AI score0.00425EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/23 11:26 a.m.30 views

CVE-2023-28674

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...

8.9AI score0.00362EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2023/03/23 11:26 a.m.19 views

CVE-2023-28674

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...

8.8CVSS8.4AI score0.00362EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/23 11:26 a.m.12 views

CVE-2023-28672

Jenkins OctoPerf Load Testing Plugin Plugin 4.5.1 and earlier does not perform a permission check in a connection test HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,...

6.4AI score0.00509EPSS
Exploits0References1
Rows per page
Query Builder