Lucene search
+L

24 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-3190

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00678EPSS
Exploits0References7
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4477

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00836EPSS
Exploits0References7
redhatcve
redhatcve
added 2025/05/22 10:25 a.m.9 views

CVE-2019-10471

A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS6.5AI score0.00678EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 7:46 a.m.9 views

CVE-2019-10473

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS6.4AI score0.00678EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 4:14 a.m.7 views

CVE-2019-10472

A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS6.4AI score0.00836EPSS
Exploits0References1
github
github
added 2022/05/24 4:59 p.m.24 views

Jenkins Libvirt Slaves Plugin vlnerable to Credential Enumeration

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS4.3AI score0.00678EPSS
Exploits0References6Affected Software1
cnvd
cnvd
added 2019/10/28 12:0 a.m.6 views

CloudBees Jenkins Libvirt Slaves Plugin Enumeration Credentials Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Libvirt Slaves Plugin is used in one of the plug-in for controlling guest domains...

4.3CVSS6.5AI score0.00678EPSS
Exploits0References1
cnvd
cnvd
added 2019/10/28 12:0 a.m.5 views

CloudBees Jenkins Libvirt Slaves Plugin Cross-Site Request Pseudo-Vulnerability (CNVD-2019-38512)

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Libvirt Slaves Plugin is used in one of the plug-in for controlling guest domains...

8.8CVSS6.7AI score0.00678EPSS
Exploits0References1
cnvd
cnvd
added 2019/10/28 12:0 a.m.3 views

CloudBees Jenkins Libvirt Slaves Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Libvirt Slaves Plugin is used in one of the plug-in for controlling guest domains...

6.5CVSS6.4AI score0.00836EPSS
Exploits0References1
nvd
nvd
added 2019/10/23 1:15 p.m.23 views

CVE-2019-10471

A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS8.6AI score0.00678EPSS
Exploits0References2
nvd
nvd
added 2019/10/23 1:15 p.m.13 views

CVE-2019-10473

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS4.5AI score0.00678EPSS
Exploits0References2
osv
osv
added 2019/10/23 1:15 p.m.15 views

CVE-2019-10473

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.3CVSS6.6AI score
Exploits0References2
osv
osv
added 2019/10/23 1:15 p.m.21 views

CVE-2019-10472

A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS6.6AI score
Exploits0References2
osv
osv
added 2019/10/23 1:15 p.m.18 views

CVE-2019-10471

A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS6.7AI score
Exploits0References2
prion
prion
added 2019/10/23 1:15 p.m.16 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.8CVSS8.5AI score0.00678EPSS
Exploits0References2Affected Software1
prion
prion
added 2019/10/23 1:15 p.m.15 views

Design/Logic Flaw

A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4CVSS6.3AI score0.00836EPSS
Exploits0References2Affected Software1
cve
cve
added 2019/10/23 12:45 p.m.77 views

CVE-2019-10472

The CVE-2019-10472 involves Jenkins Libvirt Slaves Plugin where a missing permission check allows attackers with Overall/Read to initiate SSH connections to an attacker-controlled server using attacker-controlled credentials IDs, potentially capturing credentials stored in Jenkins. The connected ...

6.5CVSS6.3AI score0.00836EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2019/10/23 12:45 p.m.16 views

CVE-2019-10473

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins...

4.4AI score0.00678EPSS
Exploits0References2
cvelist
cvelist
added 2019/10/23 12:45 p.m.14 views

CVE-2019-10472

A missing permission check in Jenkins Libvirt Slaves Plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.3AI score0.00836EPSS
Exploits0References2
cve
cve
added 2019/10/23 12:45 p.m.66 views

CVE-2019-10473

A vulnerability in the Jenkins Libvirt Slaves Plugin (credential enumeration) arises from a missing permission check in form-related methods. Affected component(s): Libvirt Slaves Plugin, form-related credential handling. Root cause: insufficient access control allows users with Overall/Read to e...

4.3CVSS4.4AI score0.00678EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder