Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

26 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-3358

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.0008EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-2920

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00058EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/05/22 3:31 a.m.6 views

CVE-2018-1999029

A cross-site scripting vulnerability exists in Jenkins Shelve Project Plugin 1.5 and earlier in ShelveProjectAction/index.jelly, ShelvedProjectsAction/index.jelly that allows attackers with Job/Configure permission to define JavaScript that would be executed in another user's browser when that...

5.4CVSS5.8AI score0.00058EPSS
Exploits0References1
OSV
OSVadded 2025/03/20 12:32 p.m.0 views

GHSA-747F-WW56-4Q4H Kedro deserialization vulnerability

A Remote Code Execution RCE vulnerability has been identified in the Kedro ShelveStore class version 0.19.8. This vulnerability allows an attacker to execute arbitrary Python code via deserialization of malicious payloads, potentially leading to a full system compromise. The ShelveStore class use...

9.8CVSS6.2AI score0.0614EPSS
Exploits0References4
vulnersOsv
vulnersOsvadded 2022/05/24 5:35 p.m.0 views

org.jenkins-ci.plugins:cron-shelve (=1.3) potentially affected by CVE-2020-2321 via org.jenkins-ci.plugins:shelve-project-plugin (=1.5)

org.jenkins-ci.plugins:shelve-project-plugin MAVEN version =1.5 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:shelve-project-plugin and may be impacted: - org.jenkins-ci.plugins:cron-shelve =1.3 Source cves: CVE-2020-2321 Sourc...

8.1CVSS7.2AI score0.0008EPSS
Exploits0
Github Security Blog
Github Security Blogadded 2022/05/24 5:35 p.m.25 views

CSRF vulnerability in Jenkins Shelve Project Plugin

Jenkins Shelve Project Plugin 3.0 and earlier does not require POST requests for HTTP endpoints, resulting in cross-site request forgery CSRF vulnerabilities. These vulnerabilities allow attackers to shelve, unshelve, or delete a project. Jenkins Shelve Project Plugin 3.1 requires POST requests f...

8.1CVSS7.9AI score0.0008EPSS
Exploits0References5Affected Software1
OSV
OSVadded 2022/05/24 5:35 p.m.21 views

GHSA-9F37-GGXM-H6WX CSRF vulnerability in Jenkins Shelve Project Plugin

Jenkins Shelve Project Plugin 3.0 and earlier does not require POST requests for HTTP endpoints, resulting in cross-site request forgery CSRF vulnerabilities. These vulnerabilities allow attackers to shelve, unshelve, or delete a project. Jenkins Shelve Project Plugin 3.1 requires POST requests f...

8.1CVSS8.2AI score0.0008EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2022/05/14 2:57 a.m.18 views

Stored Cross-Site Scripting Vulnerability in Jenkins Shelve Project Plugin

A cross-site scripting vulnerability exists in Jenkins Shelve Project Plugin 1.5 and earlier in ShelveProjectAction/index.jelly, ShelvedProjectsAction/index.jelly that allows attackers with Job/Configure permission to define JavaScript that would be executed in another user's browser when that...

5.4CVSS5.9AI score0.00058EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsvadded 2022/05/14 2:57 a.m.0 views

org.jenkins-ci.plugins:cron-shelve (=1.3) potentially affected by CVE-2018-1999029 via org.jenkins-ci.plugins:shelve-project-plugin (=1.5)

org.jenkins-ci.plugins:shelve-project-plugin MAVEN version =1.5 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:shelve-project-plugin and may be impacted: - org.jenkins-ci.plugins:cron-shelve =1.3 Source cves: CVE-2018-1999029...

5.4CVSS6AI score0.00058EPSS
Exploits0
OSV
OSVadded 2022/05/14 2:57 a.m.15 views

GHSA-7577-F8FP-5977 Stored Cross-Site Scripting Vulnerability in Jenkins Shelve Project Plugin

A cross-site scripting vulnerability exists in Jenkins Shelve Project Plugin 1.5 and earlier in ShelveProjectAction/index.jelly, ShelvedProjectsAction/index.jelly that allows attackers with Job/Configure permission to define JavaScript that would be executed in another user's browser when that...

5.4CVSS5.1AI score0.00058EPSS
Exploits0References2
CNVD
CNVDadded 2020/12/07 12:0 a.m.2 views

Cloudbees Jenkins Shelve Project Plugin Cross-Site Request Forgery Vulnerability

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . A cross-site request forgery...

8.1CVSS6.8AI score0.0008EPSS
Exploits0References1
NVD
NVDadded 2020/12/03 4:15 p.m.12 views

CVE-2020-2321

A cross-site request forgery CSRF vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project...

8.1CVSS8AI score0.0008EPSS
Exploits0References2
OSV
OSVadded 2020/12/03 4:15 p.m.14 views

CVE-2020-2321

A cross-site request forgery CSRF vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project...

8.1CVSS6.7AI score
Exploits0References2
Prion
Prionadded 2020/12/03 4:15 p.m.11 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project...

5.8CVSS7.9AI score0.0008EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2020/12/03 3:55 p.m.13 views

CVE-2020-2321

A cross-site request forgery CSRF vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project...

8.1AI score0.0008EPSS
Exploits0References2
CVE
CVEadded 2020/12/03 3:55 p.m.64 views

CVE-2020-2321

CVE-2020-2321 concerns a CSRF vulnerability in Jenkins Shelve Project Plugin (3.0 and earlier). The underlying issue, reported across multiple sources, is that the plugin’s HTTP endpoints did not require POST requests, enabling attackers to shelve, unshelve, or delete a project without authentica...

8.1CVSS7.9AI score0.0008EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinuxadded 2020/12/03 3:55 p.m.35 views

CVE-2020-2321

A cross-site request forgery CSRF vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project...

8.1CVSS4.9AI score0.0008EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2020/12/03 12:0 a.m.1 views

PT-2020-15555 · Jenkins · Jenkins Shelve Project Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Shelve Project Plugin versions 3.0 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to shelve, unshelve, or delete a project. This issue arises because the plugin does not require POST requests...

8.1CVSS8AI score0.0008EPSS
Exploits0References9
CNNVD
CNNVDadded 2020/12/03 12:0 a.m.3 views

Cloudbees Jenkins 跨站请求伪造漏洞

Cloudbees Jenkins Hudson Labs is the United States CloudBees Cloudbees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . A cross-site request forgery...

8.1CVSS5.7AI score0.0008EPSS
Exploits0References4
CNVD
CNVDadded 2018/08/08 12:0 a.m.3 views

CloudBees Jenkins Shelve Project Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and a number of timed tasks . Shelve Project Plugin is used in one of the project...

5.4CVSS5.3AI score0.00058EPSS
Exploits0References1
Rows per page
Query Builder