CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/01/22 12:0 a.m.•1 views

PT-2026-4027

Name of the Vulnerable Software and Affected Versions Nelio AB Testing versions through 8.1.8 Description A code injection issue exists in Nelio AB Testing. The issue allows for improper control of code generation. Recommendations Update Nelio AB Testing to a version later than 8.1.8...

5.4AI score0.00085EPSS

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-6268

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00771EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-1411

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00091EPSS

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-2503

Malicious code in bioql PyPI...

3.5CVSS4.8AI score0.00086EPSS

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-2558

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00088EPSS

RedhatCVE•added 2025/05/23 4:18 a.m.•3 views

CVE-2023-41946

A cross-site request forgery CSRF vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified...

3.5CVSS6.7AI score0.00086EPSS

Exploits0

RedhatCVE•added 2025/05/23 4:18 a.m.•5 views

CVE-2023-41947

A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...

4.3CVSS6.6AI score0.00088EPSS

Exploits0

RedhatCVE•added 2025/05/23 3:37 a.m.•6 views

CVE-2023-28671

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4.3CVSS6.6AI score0.00091EPSS

RedhatCVE•added 2025/05/23 3:37 a.m.•7 views

CVE-2023-28673

A missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS6.3AI score0.00529EPSS

RedhatCVE•added 2025/05/23 3:37 a.m.•8 views

CVE-2023-28672

Jenkins OctoPerf Load Testing Plugin Plugin 4.5.1 and earlier does not perform a permission check in a connection test HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,...

6.5CVSS6.4AI score0.00555EPSS

RedhatCVE•added 2025/05/22 9:53 p.m.•5 views

CVE-2022-36894

An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfbf and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content...

6.5CVSS6.8AI score0.00771EPSS

RedhatCVE•added 2025/05/22 7:46 a.m.•5 views

CVE-2019-10448

Jenkins Extensive Testing Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS6.7AI score0.00067EPSS

OSV•added 2024/03/06 11:4 a.m.•24 views

BIT-JENKINS-2020-2251

Jenkins SoapUI Pro Functional Testing Plugin 1.5 and earlier transmits project passwords in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure...

4.3CVSS4.5AI score0.00042EPSS

OSV•added 2023/09/06 3:30 p.m.•17 views

GHSA-P986-HPR3-493P Missing permission checks in Jenkins Frugal Testing Plugin

A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...

4.3CVSS4.7AI score0.00088EPSS

OSV•added 2023/09/06 1:15 p.m.•1 views

CVE-2023-41947

A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...

4.3CVSS5.8AI score

Cvelist•added 2023/09/06 12:9 p.m.•20 views

CVE-2023-41947

A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...

5.2AI score0.00088EPSS

Vulnrichment•added 2023/09/06 12:9 p.m.•16 views

CVE-2023-41947

A missing permission check in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to Frugal Testing using attacker-specified credentials...

6.6AI score0.00088EPSS

CVE•added 2023/09/06 12:9 p.m.•102 views

CVE-2023-41947

CVE-2023-41947 affects Jenkins Frugal Testing Plugin 1.1 and earlier. The root cause is a missing permission check, allowing attackers with Overall/Read permissions to connect to Frugal Testing using attacker-specified credentials. Documented impact is limited to the ability to connect with suppl...

4.3CVSS4.4AI score0.00088EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/09/06 12:9 p.m.•14 views

CVE-2023-41946

6.7AI score0.00086EPSS