Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-3371

Malicious code in bioql PyPI...

5.4CVSS5.4AI score0.83053EPSS
Exploits3References11
RedhatCVE
RedhatCVE
added 2025/05/23 4:40 a.m.8 views

CVE-2023-41945

Jenkins Assembla Auth Plugin 1.14 and earlier does not verify that the permissions it grants are enabled, resulting in users with EDIT permissions to be granted Overall/Manage and Overall/SystemRead permissions, even if those permissions are disabled and should not be granted...

8.8CVSS6.6AI score0.00551EPSS
Exploits0References1
OSV
OSV
added 2023/09/06 1:15 p.m.3 views

CVE-2023-41945

Jenkins Assembla Auth Plugin 1.14 and earlier does not verify that the permissions it grants are enabled, resulting in users with EDIT permissions to be granted Overall/Manage and Overall/SystemRead permissions, even if those permissions are disabled and should not be granted...

8.8CVSS5.8AI score0.00551EPSS
Exploits0References2
OSV
OSV
added 2022/05/24 5:25 p.m.3 views

GHSA-9G4M-FFX6-C29G Jenkins Cross-site Scripting vulnerability in project naming strategy

Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the project naming strategy description, that is displayed on item creation.\n\nThis results in a stored cross-site scripting XSS vulnerability exploitable by users with Overall/Manage permission.\n\nJenkins 2.252, LTS 2.235.4...

8CVSS5.8AI score0.83053EPSS
Exploits3References6
Positive Technologies
Positive Technologies
added 2020/08/12 12:0 a.m.5 views

PT-2020-15451 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.251 and earlier Jenkins LTS versions 2.235.3 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because the project naming strategy description is not properly escaped...

8CVSS5AI score0.83053EPSS
Exploits3References11
Rows per page
Query Builder