Lucene search
K

10 matches found

Cvelist
Cvelist
added 2026/06/24 1:20 p.m.31 views

CVE-2026-57304

A missing permission check in Jenkins Assembla Plugin 1.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified username and password...

0.00161EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:54 a.m.11 views

CVE-2023-24452

A cross-site request forgery CSRF vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password...

8.8CVSS6.7AI score0.00515EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:44 a.m.19 views

CVE-2022-22982

The vCenter Server contains a server-side request forgery SSRF vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service...

7.5CVSS6.9AI score0.00789EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:11 p.m.22 views

CVE-2022-36912

A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

4.3CVSS6.6AI score0.00505EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:8 p.m.13 views

CVE-2020-2273

A cross-site request forgery CSRF vulnerability in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

4.3CVSS6.8AI score0.00679EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:15 a.m.8 views

CVE-2019-10463

A missing permission check in Jenkins Dynatrace Application Monitoring Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

6.5CVSS6.6AI score0.00836EPSS
Exploits0References1
CVE
CVE
added 2025/02/19 10:58 p.m.34 views

CVE-2024-37359

Hitachi Vantara Pentaho Business Analytics Server is affected by a server-side request forgery issue due to not validating the Host header of incoming HTTP/HTTPS requests. Affected versions include Pentaho Server prior to 10.2.0.0 and 9.3.0.9, including 8.3.x. The issue allows an attacker to prov...

8.6CVSS8.6AI score0.00476EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/04 12:0 a.m.8 views

RHEL 6 : openstack-swift (RHSA-2014:0367)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0367 advisory. OpenStack Object Storage swift provides object storage in virtual containers, which allows users to store and retrieve files arbitrary data. The...

4.3CVSS5.7AI score0.01895EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/01/24 12:0 a.m.9 views

CVE-2023-24453

A missing check in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password...

6.9AI score0.00723EPSS
Exploits0References1
securityvulns
securityvulns
added 2002/03/22 12:0 a.m.27 views

Automatically opening IE + Executing attachments

GreyMagic Security Advisory GM002-IE ===================================== By GreyMagic Software, Israel. 22 Mar 2002. Available in HTML format at http://security.greymagic.com/adv/gm002-ie/ Topic: Automatically opening IE + Executing attachments. Discovery date: 15 Mar 2002. Important note:...

6AI score
Exploits0
Rows per page
Query Builder