Lucene search
+L

276 matches found

osv
osv
added 2026/06/24 2:17 p.m.3 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS6AI score
Exploits0References1
nvd
nvd
added 2026/06/24 2:17 p.m.9 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS0.00216EPSS
Exploits0References1
cve
cve
added 2026/06/24 1:20 p.m.16 views

CVE-2026-57286

CVE-2026-57286 describes a missing permission check in the Jenkins Git Parameter Plugin (462.vdcf3df2ed2ca_ and earlier). This allows users with Item/Read permission to obtain information about the SCM repository used by a job (e.g., branch names, tag names, and revision metadata). The impact is ...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/06/24 1:20 p.m.38 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

0.00216EPSS
Exploits0References1
euvd
euvd
added 2026/06/24 1:20 p.m.10 views

EUVD-2026-38766

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References1
vulnersosv
vulnersosv
added 2025/12/10 6:30 p.m.9 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1887 more potentially affected by CVE-2025-67635 via org.jenkins-ci.main:cli (>=1.396 <=2.528.2)

org.jenkins-ci.main:cli MAVEN version =1.396, =1.1, =0.0.1, =1.0, =55.v51410e712e0c, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.23 and more Source cves: CVE-2025-67635 Source advisory: OSV:GHSA-9P56-P6MW-W8QC...

7.5CVSS7.3AI score0.00515EPSS
Exploits0
nvd
nvd
added 2025/10/29 2:15 p.m.5 views

CVE-2025-64133

A cross-site request forgery CSRF vulnerability in Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and earlier allows attackers to execute sandboxed Groovy code...

5.4CVSS0.00236EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/10/29 12:0 a.m.6 views

Jenkins Extensible Choice Parameter Plugin 安全漏洞

Jenkins Extensible Choice Parameter Plugin is an open source parameter building plugin for Jenkins. A security vulnerability exists in Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and prior versions, which stems from vulnerability to a cross-site request forgery attack that could...

5.4CVSS6.6AI score0.00236EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/10/29 12:0 a.m.9 views

PT-2025-44282

Name of the Vulnerable Software and Affected Versions Jenkins Extensible Choice Parameter Plugin versions 239.v5f5c278708cf and earlier Description A cross-site request forgery CSRF issue exists in the Jenkins Extensible Choice Parameter Plugin. This allows attackers to execute sandboxed Groovy...

5.4CVSS6.7AI score0.00236EPSS
Exploits0References8
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-1418

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00569EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-47406

Malicious code in bioql PyPI...

4.7CVSS6.5AI score0.00421EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-2970

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00836EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-3936

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.09387EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4223

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00735EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-2142

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00717EPSS
Exploits0References3
ossf
ossf
added 2025/08/23 2:27 p.m.6 views

Malicious code in heft-parameter-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6082dd30329215006112f50c3006a58f4437a48913646c4551e68d48e2d768e7 The OpenSSF Package Analysis project identified 'heft-parameter-plugin' @ 99.0.9 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
osv
osv
added 2025/08/23 2:27 p.m.4 views

MAL-2025-41294 Malicious code in heft-parameter-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6082dd30329215006112f50c3006a58f4437a48913646c4551e68d48e2d768e7 The OpenSSF Package Analysis project identified 'heft-parameter-plugin' @ 99.0.9 npm as malicious. It is considered malicious because: - The...

7.3AI score
Exploits0
cve
cve
added 2025/08/14 6:0 a.m.24 views

CVE-2025-7808

The CVE-2025-7808 issue affects the WP Shopify WordPress plugin prior to version 1.5.4, where an input parameter is not sanitized/escaped before being reflected on the page, enabling a Reflected XSS against high-privilege users (e.g., admins). Multiple sources (Red Hat, patchstack, NVD/NVD-enrich...

6.1CVSS6.2AI score0.00225EPSS
Exploits1References1Affected Software1
hackread
hackread
added 2025/08/08 7:14 p.m.11 views

15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652)

A new report by VulnCheck exposes a critical command injection flaw CVE-2025-53652 in the Jenkins Git Parameter plugin.…...

8.2CVSS7.4AI score0.00618EPSS
Exploits1
redhatcve
redhatcve
added 2025/07/11 3:42 p.m.13 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

8.2CVSS7.1AI score0.00618EPSS
Exploits1References1
Rows per page
Query Builder