Lucene search
K

10 matches found

Veracode
Veracode
added 2025/12/13 4:44 a.m.5 views

Authorization Bypass

Jenkins OpenTelemetry Plugin is vulnerable to Authorization Bypass. The vulnerability is due to the plugin allows users with only Overall/Read permission to invoke functionality that connects to attacker-specified URLs using attacker-controlled credential IDs, and enables attackers to capture or...

4.2CVSS6.5AI score0.00223EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-1418

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00555EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4265

Malicious code in bioql PyPI...

8CVSS7.8AI score0.01355EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-0346

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00556EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:6 a.m.9 views

CVE-2023-37958

A cross-site request forgery CSRF vulnerability in Jenkins Sumologic Publisher Plugin 2.2.1 and earlier allows attackers to connect to an attacker-specified URL...

8.8CVSS6.7AI score0.00469EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 p.m.6 views

CVE-2022-25195

A missing permission check in Jenkins autonomiq Plugin 1.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

4.3CVSS6.5AI score0.00541EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/14 8:35 p.m.22 views

CVE-2025-47887

Missing permission checks in Jenkins Cadence vManager Plugin 4.0.1-286.v9e25a740ba48 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password...

0.00292EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2023/05/16 6:6 p.m.17 views

CVE-2023-2631

A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

4.3CVSS6.9AI score0.0039EPSS
Exploits0References1
Veracode
Veracode
added 2020/04/10 12:35 a.m.30 views

Access Restrictions Bypass

JRE proxy is vulnerable to access restrictions bypass. An additional flaw was found in the proxy mechanism implementation. This flaw allowed an untrusted applet or application to bypass access restrictions and communicate using non-authorized socket or URL connections to hosts other than the orig...

7.5CVSS3.1AI score0.04838EPSS
Exploits0References39Affected Software2
OSV
OSV
added 2019/10/23 1:15 p.m.18 views

CVE-2019-10463

A missing permission check in Jenkins Dynatrace Application Monitoring Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

6.5CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder