6 matches found

OSV
added 2025/10/29 3:31 p.m., 2 views

GHSA-MRPQ-9JR3-RQQ9 Jenkins MCP Server Plugin does not perform permission checks in multiple MCP tools

Jenkins MCP Server Plugin 0.84.v50ca24ef83f2 and earlier does not perform permission checks in several MCP tools. This allows the following: - Attackers with Item/Read permission can obtain information about the configured SCM in a job despite lacking Item/Extended Read permission getJobScm...

CVSS: 5.4, AI score: 6.5, EPSS: 0.00017
Exploits: 0, References: 5
RedHat Linux
added 2022/02/24 3:15 p.m., 2 views

jenkins-2-plugins/docker-commons: does not sanitize the name of an image or a tag which could result in an OS command execution

An OS command execution vulnerability was found in the Jenkins Docker Commons plugin. Due to a lack of sanitization in the name of an image or a tag, an attacker with Item/Configure permission or the ability to control the contents of a previously configured job’s SCM repository may be able to...

CVSS: 8.8, AI score: 5.9, EPSS: 0.00744
Exploits: 0, References: 5
Prion
added 2018/05/21 11:29 p.m., 19 views

Cross site scripting

Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting vulnerability in console notes (SECURITY-382). Jenkins allows plugins to annotate build logs, adding new content or changing the presentation of existing content while the build is running. Malicious Jenkins user...

CVSS: 3.5, AI score: 5.3, EPSS: 0.00047
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2018/05/21 11:29 p.m., 12 views

CVE-2017-2607

Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting vulnerability in console notes (SECURITY-382). Jenkins allows plugins to annotate build logs, adding new content or changing the presentation of existing content while the build is running. Malicious Jenkins user...

CVSS: 5.4, AI score: 5.5, EPSS: 0.00047
Exploits: 0, References: 2
UbuntuCve
added 2018/05/21 11:29 p.m., 19 views

CVE-2017-2607

Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting vulnerability in console notes (SECURITY-382). Jenkins allows plugins to annotate build logs, adding new content or changing the presentation of existing content while the build is running. Malicious Jenkins user...

CVSS: 5.4, AI score: 6.4, EPSS: 0.00047
Exploits: 0, References: 2
ThreatPost
added 2011/01/25 4:9 p.m., 6 views

Fedora System Compromised, But No Changes Made

The infrastructure of the Fedora Project was compromised over the weekend and an account belonging to a Fedora contributor was taken over by an attacker. However, Fedora officials said they don’t believe that the attacker was able to push any changes to the Fedora package system or make any actua...

AI score: 1.5
Exploits: 0, References: 2