
933 matches found

Github Security Blog
added 2022/06/24 12:0 a.m. · 20 views

Cross-Site Request Forgery in Jenkins Jianliao Notification Plugin

A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

CVSS 6.5 · AI score 6.9 · EPSS 0.00468
Exploits: 0 · References: 3 · Affected Software: 1

OSV
added 2022/06/24 12:0 a.m. · 34 views

GHSA-24H8-CPQM-QMF3 Cross-Site Request Forgery in Jenkins Convertigo Mobile Platform Plugin

A cross-site request forgery (CSRF) vulnerability in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers to connect to an attacker-specified URL...

CVSS 4.3 · AI score 8.6 · EPSS 0.00503
Exploits: 0 · References: 3

OSV
added 2022/06/23 5:15 p.m. · 1 view

CVE-2022-34201

A missing permission check in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

CVSS 6.5 · AI score 6.4
Exploits: 0 · References: 1

OSV
added 2022/06/23 5:15 p.m. · 2 views

CVE-2022-34203

A cross-site request forgery (CSRF) vulnerability in Jenkins EasyQA Plugin 1.0 and earlier allows attackers to connect to an attacker-specified HTTP server...

CVSS 8.8 · AI score 5.7
Exploits: 0 · References: 1

ATTACKERKB
added 2022/06/23 5:15 p.m. · 2 views

CVE-2022-34204

A missing permission check in Jenkins EasyQA Plugin 1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server...

CVSS 4.3 · AI score 6.3 · EPSS 0.00521
Exploits: 0 · References: 2

ATTACKERKB
added 2022/06/23 5:15 p.m. · 2 views

CVE-2022-34205

A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

CVSS 6.5 · AI score 6.5 · EPSS 0.00468
Exploits: 0 · References: 2

ATTACKERKB
added 2022/06/23 5:15 p.m. · 2 views

CVE-2022-34203

A cross-site request forgery (CSRF) vulnerability in Jenkins EasyQA Plugin 1.0 and earlier allows attackers to connect to an attacker-specified HTTP server...

CVSS 8.8 · AI score 6.6 · EPSS 0.00503
Exploits: 0 · References: 2

ATTACKERKB
added 2022/06/23 5:15 p.m. · 1 view

CVE-2022-34200

A cross-site request forgery (CSRF) vulnerability in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers to connect to an attacker-specified URL...

CVSS 8.8 · AI score 6.6 · EPSS 0.00503
Exploits: 0 · References: 2

OSV
added 2022/06/23 5:15 p.m. · 1 view

CVE-2022-34207

A cross-site request forgery (CSRF) vulnerability in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers to connect to an attacker-specified URL...

CVSS 6.5 · AI score 6.3 · EPSS 0.00468
Exploits: 0 · References: 1

OSV
added 2022/06/23 5:15 p.m. · 4 views

CVE-2022-34205

A cross-site request forgery (CSRF) vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

CVSS 6.5 · AI score 6.5 · EPSS 0.00468
Exploits: 0 · References: 1

NVD
added 2022/06/23 5:15 p.m. · 32 views

CVE-2022-34207

A cross-site request forgery (CSRF) vulnerability in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers to connect to an attacker-specified URL...

CVSS 6.5 · EPSS 0.00468
Exploits: 0 · References: 1

NVD
added 2022/06/23 5:15 p.m. · 14 views

CVE-2022-34201

A missing permission check in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

CVSS 6.5 · EPSS 0.0057
Exploits: 0 · References: 1

Cvelist
added 2022/06/22 2:41 p.m. · 19 views

CVE-2022-34206

A missing permission check in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers with Overall/Read permission to send HTTP POST requests to an attacker-specified URL...

AI score 6.8 · EPSS 0.00521
Exploits: 0 · References: 1

CNNVD
added 2022/06/22 12:0 a.m. · 12 views

Jenkins Plugin vRealize Orchestrator Cross-Site Request Forgery Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. Jenkins vRealize Orchestrator Plugin 3.0...

CVSS 5.7 · AI score 5.7 · EPSS 0.00619
Exploits: 0 · References: 4

CNNVD
added 2022/06/22 12:0 a.m. · 4 views

Jenkins Plugin Beaker Cross-Site Request Forgery Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. An attacker could use this vulnerability to connect to a specified URL by...

CVSS 4.3 · AI score 5.7 · EPSS 0.00553
Exploits: 0 · References: 4

Positive Technologies
added 2022/06/06 12:0 a.m. · 2 views

PT-2022-4882 · Qualcomm · Snapdragon +1

Name of the Vulnerable Software and Affected Versions: Qualcomm embedded platform software (affected versions not specified)
Description: The issue is related to a component in the audio microcode of Qualcomm's embedded platforms, which lacks buffer length checks and is vulnerable to out-of-bounds...

CVSS 8.4 · AI score 8.1 · EPSS 0.00116
Exploits: 0 · References: 6

Github Security Blog
added 2022/05/24 5:28 p.m. · 25 views

CSRF vulnerability in Jenkins ElasTest Plugin

A cross-site request forgery (CSRF) vulnerability in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

CVSS 4.3 · AI score 5 · EPSS 0.00679
Exploits: 0 · References: 4 · Affected Software: 1

Github Security Blog
added 2022/05/24 5:28 p.m. · 21 views

Missing permission checks in Jenkins ElasTest Plugin

A missing permission check in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

CVSS 4.3 · AI score 4.5 · EPSS 0.00656
Exploits: 0 · References: 4 · Affected Software: 1

Github Security Blog
added 2022/05/24 5:28 p.m. · 24 views

Arbitrary file write vulnerability in Jenkins Storable Configs Plugin

Jenkins Storable Configs Plugin 1.0 and earlier does not restrict the user-specified file name, allowing attackers with Job/Configure permission to replace any other '.xml' file on the Jenkins controller with a job config.xml file's content...

CVSS 6.5 · AI score 6.1 · EPSS 0.01414
Exploits: 0 · References: 4 · Affected Software: 1

OSV
added 2022/05/24 5:28 p.m. · 13 views

GHSA-79H8-7735-V3F9 System command execution vulnerability in Selection tasks Jenkins Plugin

Jenkins Selection tasks Plugin 1.0 and earlier executes a user-specified program on the Jenkins controller, allowing attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins controller as the OS user that the Jenkins process is running as...

CVSS 8.8 · AI score 8.9 · EPSS 0.01623
Exploits: 0 · References: 4