CVE-2026-6902 Code Injection in Perforce P4 (Helix Core)

A Remote Code Execution vulnerability in P4 Helix Core Server's Command-Line Client, prior to the 2025.2 Patch 2, has been fixed to address potential security risks...

PT-2026-41662

Name of the Vulnerable Software and Affected Versions P4 Server versions prior to 2025.2 Patch 2 Description A security issue exists in the Command-Line Client of P4 Server that could lead to potential security risks. Recommendations Update to P4 Server version 2025.2 Patch 2 or later...

CVE-2010-0934

The triggers functionality in Perforce Server 2008.1 allows remote authenticated users with super privileges to execute arbitrary operating-system commands by using a "p4 client" command in conjunction with the form-in trigger script...

CVE-2010-0932

The FTP server in Perforce Server 2008.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a certain MKD command...

CVE-2010-0933

Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. dot dot in the argument to the "p4 add" command...

CVE-2010-0935

Perforce Server 2009.2 and earlier, when the protection table is empty, allows remote authenticated users to obtain super privileges via a "p4 protect" command...

EUVD-2010-0958

Malware in sbrugna...

EUVD-2010-0955

Malware in sbrugna...

EUVD-2008-1309

Malware in sbrugna...

EUVD-2021-1334

Malware in sbrugna...

EUVD-2010-0960

Malware in sbrugna...

EUVD-2010-0954

Malware in sbrugna...

EUVD-2010-0959

Malware in sbrugna...

CVE-2021-21655

A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...

CVE-2010-0929

The Perforce service p4s.exe in Perforce Server 2008.1 allows remote attackers to cause a denial of service daemon crash via crafted data beginning with a byte sequence of 0x4c, 0xb3, 0xff, 0xff, and 0xff...

GHSA-3RJ3-QP2J-4FJ2 Cross-Site Request Forgery in Jenkins P4 Plugin

A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password. Jenkins P4 Plugin 1.11.5 requires POST requests for the affected HTTP endpoints...

CloudBees Jenkins P4 Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site request forgery...

CloudBees Jenkins P4 Plugin Access Control Error Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An Access Control Error...

CVE-2021-21655

A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...

CVE-2021-21655

A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...