11 matches found
EUVD-2022-2033
Malicious code in bioql PyPI...
EUVD-2022-4988
Malicious code in bioql PyPI...
EUVD-2022-2514
Malicious code in bioql PyPI...
CVE-2020-2216
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password...
CVE-2020-2215
A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified username and password...
Default credentials
A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password...
PT-2020-15430 · Jenkins · Jenkins Zephyr For Jira Test Management Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Zephyr for JIRA Test Management Plugin versions 1.5 and earlier Description: A cross-site request forgery issue allows attackers to connect to an attacker-specified HTTP server using an attacker-specified username and password...
CVE-2019-1003084
A cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptordoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...
CVE-2019-1003084
A cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptordoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...
PT-2019-11375 · Jenkins · Jenkins Zephyr Enterprise Test Management Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Zephyr Enterprise Test Management Plugin affected versions not specified Description: A missing permission check in the ZeeDescriptordoTestConnection form validation method allows attackers with Overall/Read permission to initiate a...
PT-2019-11374 · Jenkins · Jenkins Zephyr Enterprise Test Management Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Zephyr Enterprise Test Management Plugin affected versions not specified Description: A cross-site request forgery issue exists in the ZeeDescriptordoTestConnection form validation method, allowing attackers to initiate a connection t...