CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

CISA KEV Catalog•added 2025/10/02 12:0 a.m.•11 views

Jenkins Remote Code Execution Vulnerability

Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based protection...

9.8CVSS7.7AI score0.94479EPSS

In wildExploits36

Nuclei•added 2024/11/11 8:11 p.m.•20 views

Jenkins CLI - Java Deserialization

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized...

9.8CVSS8.3AI score0.94479EPSS

Exploits36References3

Github Security Blog•added 2022/05/13 1:1 a.m.•39 views

Deserialization of Untrusted Data in Jenkins

9.8CVSS3.4AI score0.94479EPSS

Exploits36References10Affected Software1

OSV•added 2022/05/13 1:1 a.m.•1 views

GHSA-26WC-3WQP-G3RP Deserialization of Untrusted Data in Jenkins

9.8CVSS7.6AI score0.94479EPSS

Exploits36References10

Prion•added 2018/01/29 5:29 p.m.•33 views

Remote code execution

7.5CVSS9.8AI score0.94479EPSS

Exploits36References5Affected Software2

NVD•added 2018/01/29 5:29 p.m.•29 views

CVE-2017-1000353

9.8CVSS9.9AI score0.94479EPSS

Exploits36References6

Vulnrichment•added 2018/01/29 5:0 p.m.•5 views

CVE-2017-1000353

8.3AI score0.94479EPSS

Exploits36References5

ATTACKERKB•added 2018/01/29 12:0 a.m.•58 views

CVE-2017-1000353

9.8CVSS0.8AI score0.94479EPSS

Exploits36References5

Positive Technologies•added 2018/01/29 12:0 a.m.•6 views

PT-2018-3792

Name of the Vulnerable Software and Affected Versions Jenkins versions 2.56 and earlier Jenkins version 2.46.1 LTS and earlier Description The issue is related to an unauthenticated remote code execution, where an attacker can transfer a serialized Java SignedObject object to the Jenkins CLI. Thi...

10CVSS8.1AI score0.94479EPSS

Exploits36References19

CNVD•added 2017/04/28 12:0 a.m.•4 views

Jenkins Java Deserialization Remote Code Execution Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Jenkin...

9.8CVSS9.7AI score0.94479EPSS

Exploits36References1

RedhatCVE•added 2017/04/27 9:48 a.m.•43 views

CVE-2017-1000353

9.8CVSS3.3AI score0.94479EPSS

Exploits36References2

RedHat Linux•added 2011/07/15 3:55 a.m.•3 views

OpenJDK: Deserialization allows creation of mutable SignedObject (Deserialization, 6618658)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.231 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to...

2.6CVSS7.4AI score0.03779EPSS

Exploits0References4

RedHat Linux•added 2011/06/08 3:18 p.m.•2 views

OpenJDK: Deserialization allows creation of mutable SignedObject (Deserialization, 6618658)

2.6CVSS7.4AI score0.03779EPSS

Exploits0References4

RedHat Linux•added 2011/06/08 2:42 p.m.•5 views

OpenJDK: Deserialization allows creation of mutable SignedObject (Deserialization, 6618658)

2.6CVSS7.4AI score0.03779EPSS

Exploits0References4

Rows per page