Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-2247

Malware in sbrugna...

7.5CVSS7.4AI score0.02015EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-44558

Malicious code in bioql PyPI...

8.2CVSS8AI score0.00878EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-57355

Malicious code in bioql PyPI...

9.8CVSS8.2AI score0.08263EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 3:7 p.m.11 views

CVE-2020-0758

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...

7.5CVSS7AI score0.02015EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/10 11:21 p.m.14 views

CVE-2025-29813

Spoofable identity claims Authentication Bypass by Assumed-Immutable Data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network...

10CVSS9.3AI score0.01533EPSS
Exploits0References3
NVD
NVD
added 2025/05/08 11:15 p.m.13 views

CVE-2025-29813

Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network...

10CVSS0.01533EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/05/08 7:0 a.m.27 views

Azure DevOps Elevation of Privilege Vulnerability

Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network...

10CVSS8.5AI score0.01533EPSS
Exploits0
FreeBSD
FreeBSD
added 2024/07/10 12:0 a.m.43 views

Gitlab -- vulnerabilities

Gitlab reports: An attacker can run pipeline jobs as an arbitrary user Developer user with admincomplianceframework permission can change group URL Admin push rules custom role allows creation of project level deploy token Package registry vulnerable to manifest confusion User with admingroupmemb...

9.8CVSS7AI score0.06036EPSS
Exploits2References1
OSV
OSV
added 2024/03/06 10:57 a.m.42 views

BIT-GITLAB-2023-5009 Incorrect Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2.7, all versions starting from 16.3 before 16.3.4. It was possible for an attacker to run pipeline jobs as an arbitrary user via scheduled security scan policies. This was a bypass of CVE-2023-3932...

9.8CVSS7.2AI score0.08263EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/09/19 7:1 a.m.10 views

CVE-2023-5009 Incorrect Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2.7, all versions starting from 16.3 before 16.3.4. It was possible for an attacker to run pipeline jobs as an arbitrary user via scheduled security scan policies. This was a bypass of CVE-2023-3932...

8.2CVSS9.7AI score0.08263EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/06/23 5:44 p.m.7 views

jenkins-2-plugin: workflow-job: Stored XSS vulnerability in Pipeline: Job Plugin

A flaw was found in the Jenkins Pipeline: Job Plugin. Affected versions of Jenkins Pipeline: Job Plugin are vulnerable to Cross-site scripting caused by improper validation of user-supplied input. This flaw allows a remote authenticated attacker to inject malicious script into a Web page, which...

5.4CVSS5.6AI score0.00586EPSS
Exploits0References5
OSV
OSV
added 2020/03/12 4:15 p.m.5 views

CVE-2020-0758

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...

7.5CVSS7.1AI score0.02015EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2020/03/10 7:0 a.m.29 views

Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens. An attacker who successfully exploited this vulnerability could extend their access to a project. To exploit this vulnerability, an attacker would first have...

7.5CVSS2.2AI score0.01837EPSS
Exploits0
Rows per page
Query Builder