Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-6021

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00651EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.16 views

EUVD-2022-7458

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00636EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/07/11 3:42 p.m.14 views

CVE-2025-53657

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier does not mask SLM License Access Keys, client secrets, and passwords displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3CVSS7.1AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/11 3:42 p.m.14 views

CVE-2025-53667

Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

5.3CVSS7.1AI score0.00262EPSS
Exploits0References1
OSV
OSV
added 2025/07/09 6:30 p.m.6 views

GHSA-884F-P57J-F258 Jenkins ReadyAPI Functional Testing Plugin vulnerability stores unencrypted authentication credentials

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These credentials can be viewed by users with Item/Extended Read permission or acce...

4.3CVSS6.1AI score0.00347EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/07/09 6:30 p.m.12 views

Jenkins Nouvola DiveCloud Plugin vulnerability does not mask keys on its job configuration form

Jenkins Nouvola DiveCloud Plugin 1.08 and earlier does not mask DiveCloud API Keys and Credentials Encryption Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

6.5CVSS6.2AI score0.00175EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/07/09 3:39 p.m.29 views

CVE-2025-53742

Jenkins Applitools Eyes Plugin 1.16.5 and earlier stores Applitools API keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.4 views

CVE-2025-53662

Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

7AI score0.00281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/04 3:39 p.m.33 views

CVE-2025-31724

Jenkins Cadence vManager Plugin 4.0.0-282.v5096ac2db275 and earlier stores Verisium Manager vAPI keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

4.3CVSS7AI score0.00302EPSS
Exploits0References1
CVE
CVE
added 2025/04/02 2:59 p.m.69 views

CVE-2025-31728

The CVE-2025-31728 entry concerns the Jenkins AsakusaSatellite Plugin (versions ≤ 0.1.1). Affected: AsakusaSatellite API keys are displayed in the job configuration form and are not masked, enabling observation/capture by users with permissions to view job configs or access the Jenkins controller...

5.5CVSS7AI score0.00276EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/02 12:0 a.m.11 views

PT-2025-14518 · Jenkins · Jenkins Asakusasatellite Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins AsakusaSatellite Plugin versions 0.1.1 and earlier Description: The issue concerns the exposure of AsakusaSatellite API keys on the job configuration form, which could allow attackers to observe and capture them. Recommendations: For...

6.5CVSS5.9AI score0.00276EPSS
Exploits0References10
Rows per page
Query Builder