10 matches found
EUVD-2022-0766
Malicious code in bioql PyPI...
EUVD-2022-0923
Malicious code in bioql PyPI...
CVE-2022-25212
A cross-site request forgery CSRF vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials...
CVE-2022-25211
A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials...
CVE-2022-25211
A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials...
CVE-2022-25212
A cross-site request forgery CSRF vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials...
CVE-2022-25212
A cross-site request forgery CSRF vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials...
PT-2022-17151 · Jenkins · Jenkins Swamp Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins SWAMP Plugin versions 1.2.6 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to an attacker-specified web server using attacker-specified credentials. The vulnerability is due to a...
PT-2022-17150 · Jenkins · Jenkins Swamp Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins SWAMP Plugin versions 1.2.6 and earlier Description: A missing permission check in the Jenkins SWAMP Plugin allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified...