Lucene search
+L

46 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0475

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00769EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1952

Malicious code in bioql PyPI...

7.1CVSS6.9AI score0.00624EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0432

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00515EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0399

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00619EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/05/23 4:5 a.m.7 views

CVE-2023-37949

A missing permission check in Jenkins Orka by MacStadium Plugin 1.33 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

7.1CVSS6.4AI score0.00624EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/23 3:21 a.m.10 views

CVE-2023-24433

Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS6.5AI score0.00769EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:21 a.m.13 views

CVE-2023-24431

A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS6.3AI score0.00619EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 1:55 a.m.12 views

CVE-2023-24432

A cross-site request forgery CSRF vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS6.6AI score0.00515EPSS
Exploits0References1
openbugbounty
openbugbounty
added 2024/01/15 5:9 p.m.6 views

orka-partner.hr Improper Access Control vulnerability OBB-3835305

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
osv
osv
added 2023/07/12 6:30 p.m.57 views

GHSA-4HM4-94G6-F23F Jenkins Orka by MacStadium Plugin missing permission check

Jenkins Orka by MacStadium Plugin 1.33 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials...

5.4CVSS6.8AI score0.00624EPSS
Exploits0References3
github
github
added 2023/07/12 6:30 p.m.25 views

Jenkins Orka by MacStadium Plugin missing permission check

Jenkins Orka by MacStadium Plugin 1.33 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials...

7.1CVSS6.5AI score0.00624EPSS
Exploits0References4Affected Software1
osv
osv
added 2023/07/12 4:15 p.m.4 views

CVE-2023-37949

A missing permission check in Jenkins Orka by MacStadium Plugin 1.33 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

7.1CVSS5.8AI score0.00624EPSS
Exploits0References2
nvd
nvd
added 2023/07/12 4:15 p.m.33 views

CVE-2023-37949

A missing permission check in Jenkins Orka by MacStadium Plugin 1.33 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

7.1CVSS0.00624EPSS
Exploits0References2
prion
prion
added 2023/07/12 4:15 p.m.27 views

Design/Logic Flaw

A missing permission check in Jenkins Orka by MacStadium Plugin 1.33 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.5CVSS6.7AI score0.00624EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2023/07/12 3:52 p.m.16 views

CVE-2023-37949

A missing permission check in Jenkins Orka by MacStadium Plugin 1.33 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.4AI score0.00624EPSS
Exploits0References2
cve
cve
added 2023/07/12 3:52 p.m.54 views

CVE-2023-37949

CVE-2023-37949 describes a missing permission check in the Jenkins Orka by MacStadium Plugin (versions ≤ 1.33) exposing an HTTP endpoint. An attacker with Overall/Read can connect to an attacker-controlled URL using attacker-chosen credentials IDs obtained by another method, enabling capture of J...

7.1CVSS6.7AI score0.00624EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2023/07/12 12:0 a.m.6 views

PT-2023-26196 · Macstadium +1 · Jenkins Orka By Macstadium Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Orka by MacStadium Plugin versions 1.33 and earlier Description: A missing permission check in the Jenkins Orka by MacStadium Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using...

7.1CVSS6.7AI score0.00624EPSS
Exploits0References6
cnnvd
cnnvd
added 2023/07/12 12:0 a.m.5 views

Jenkins Plugin Orka by MacStadium 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

7.1CVSS7.1AI score0.00624EPSS
Exploits0References3
osv
osv
added 2023/01/26 9:30 p.m.65 views

GHSA-9JWH-QVG7-GR59 CSRF vulnerability in Jenkins Orka Plugin allow capturing credentials

A cross-site request forgery CSRF vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS8.7AI score0.00515EPSS
Exploits0References2
osv
osv
added 2023/01/26 9:30 p.m.18 views

GHSA-GMHF-37FX-C4Q8 Missing permission checks in Jenkins Orka Plugin allow capturing credentials

Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS6.5AI score0.00769EPSS
Exploits0References2
Rows per page
Query Builder