Lucene search
K

38 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.9 views

CVE-2019-16558

Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM...

8.2CVSS6.8AI score0.00592EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-3548

Malware in sbrugna...

7.5CVSS6.1AI score0.02297EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-8684

Malicious code in bioql PyPI...

8.1CVSS8AI score0.01035EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-47150

Malicious code in bioql PyPI...

3.8CVSS6.6AI score0.00295EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-2000

Malicious code in bioql PyPI...

8.2CVSS8AI score0.00592EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1414

Malicious code in bioql PyPI...

7.5CVSS6.7AI score0.00642EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/05/14 9:31 p.m.7 views

Jenkins DingTalk Plugin Unconditionally Disables SSL/TLS Certificate and Hostname Validation

Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks...

5.9CVSS6.7AI score0.00199EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2024/03/06 6:30 p.m.43 views

Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

5.3CVSS6.8AI score0.00417EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/03/06 5:15 p.m.7 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

5.3CVSS6.6AI score
Exploits0References2
Cvelist
Cvelist
added 2024/03/06 5:2 p.m.34 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

6.6AI score0.00417EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/06 5:2 p.m.15 views

CVE-2024-28161

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections is disabled by default...

6.7AI score0.00417EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/16 12:0 a.m.49 views

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.17 Multiple Vulnerabilities (CloudBees Security Advisory 2023-05-16)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.17. It is, therefore, affected by multiple vulnerabilities including the following: - CSRF vulnerability and missing permission checks in Code Dx Plugin CVE-2023-2195,...

8.8CVSS6.2AI score0.72358EPSS
Exploits0References37
Vulnrichment
Vulnrichment
added 2023/01/17 6:22 p.m.7 views

CVE-2023-22875 IBM Security QRadar SIEM information disclosure

IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. IBM X-Force ID: 244356...

8.4CVSS8AI score0.00308EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2022/08/27 12:0 a.m.41 views

Security update for nim (important)

openSUSE Security Update: Security update for nim Announcement ID: openSUSE-SU-2022:10101-1 Rating: important References: 1175332 1175333 1175334 1181705 1185083 1185084 1185085 1185948 1192712 Cross-References: CVE-2020-15690 CVE-2020-15692 CVE-2020-15693 CVE-2020-15694 CVE-2021-21372...

10CVSS6.9AI score0.04205EPSS
Exploits7References9
Github Security Blog
Github Security Blog
added 2022/05/24 5:17 p.m.28 views

Lack of SSL/TLS certificate and hostname validation in Amazon EC2 Plugin

Amazon EC2 Plugin connects to Windows agents via HTTPS. Amazon EC2 Plugin 1.50.1 and earlier unconditionally accepts self-signed HTTPS certificates and does not perform hostname validation when connecting to Windows agents. This lack of validation could be abused using a man-in-the-middle attack ...

6.8CVSS5.3AI score0.00411EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/24 4:47 p.m.16 views

GHSA-XMQV-PFW7-QMJ7 Jenkins ElectricFlow Plugin globally and unconditionally disabled SSL/TLS certificate validation

CloudBees CD Plugin unconditionally disabled SSL/TLS certificate validation for the entire Jenkins controller JVM during the deployment/publication of an application. CloudBees CD Plugin no longer does that. Instead, the existing opt-in option to ignore SSL/TLS errors is used during deployment fo...

6.5CVSS6.5AI score0.01303EPSS
Exploits0References5
0day.today
0day.today
added 2022/05/11 12:0 a.m.135 views

Akka HTTP 10.1.14 - Denial of Service Exploit

Exploit Title: Akka HTTP Denial of Service via Nested Header Comments Exploit Author: cxosmo Vendor Homepage: https://akka.io Software Link: https://github.com/akka/akka-http Version: Akka HTTP 10.1.x 10.1.15 & 10.2.x 10.2.7 Tested on: Akka HTTP 10.2.4, Ubuntu CVE : CVE-2021-42697 import argparse...

7.5CVSS7.5AI score0.36139EPSS
Exploits5
CNVD
CNVD
added 2022/03/31 12:0 a.m.22 views

Jenkins Proxmox Plugin Trust Management Issue Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins Proxmox Plugin 0.6.0 and earlier...

7.5CVSS1.7AI score0.00642EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/03/30 12:0 a.m.27 views

SSL/TLS certificate validation globally disabled by Jenkins Proxmox Plugin

Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues...

7.5CVSS2.1AI score0.00642EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/03/29 1:15 p.m.14 views

CVE-2022-28142

Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues...

7.5CVSS0.00642EPSS
Exploits0References2
Rows per page
Query Builder