21 matches found
EUVD-2022-2242
Malicious code in bioql PyPI...
CVE-2019-10308
A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users...
CVE-2025-32664 WordPress Nepali Date Utilities plugin <= 1.0.15 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in ashokbasnet Nepali Date Utilities nepali-date-utilities allows Stored XSS. This issue affects Nepali Date Utilities: from n/a through <= 1.0.15...
GHSA-2X49-WJ38-78Q9 Agent-to-controller security bypass vulnerability in Jenkins Compuware Topaz Utilities Plugin
Compuware Topaz Utilities Plugin 1.0.8 and earlier implements an agent/controller message that does not limit where it can be executed. It allows attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process. This vulnerability is onl...
CVE-2022-43422
Jenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process...
Design/Logic Flaw
Jenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process...
Jenkins Compuware Topaz Utilities Plugin Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
CVE-2022-43422
CVE-2022-43422 affects Jenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier. The root cause is an agent/controller message that is not limited to where it can be executed, allowing attackers who can control agent processes to obtain Java system properties from the Jenkins controller process...
CVE-2022-36895
CVE-2022-36895 affects Jenkins Compuware Topaz Utilities Plugin (versions 1.0.8 and earlier). The vulnerability is a missing permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs sto...
Stored XSS vulnerability in Jenkins Static Analysis Utilities Plugin
Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission...
GHSA-FG6G-52RG-VR9Q Stored XSS vulnerability in Jenkins Static Analysis Utilities Plugin
Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission...
Missing permission check in Jenkins Static Analysis Utilities Plugin
A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users...
Jenkins Static Analysis Utilities Plugin is vulnerable to cross-site request forgery
Jenkins analysis-core Plugin has the capability to allow other plugins to display trend graphs for their static analysis results. analysis-core Plugin provides the configuration form for the default settings of each graph. The configuration form and form submission handler did not perform a...
CloudBees Jenkins Static Analysis Utilities Plugin Cross-Site Scripting Vulnerability
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release and testing projects and some scheduled tasks. A cross-site scripting...
CVE-2020-2316
The CVE-2020-2316 vulnerability affects Jenkins’ Static Analysis Utilities Plugin (versions 1.96 and earlier). The issue is a failure to escape the annotation message shown in tooltips, causing a stored cross-site scripting (XSS) vulnerability. Exploitation is possible by attackers who have Job/C...
CVE-2019-10308
A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users...
CVE-2019-10307
A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers to change the per-job default graph configuration for all users...
CVE-2019-10307
A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers to change the per-job default graph configuration for all users...
CVE-2019-10308
A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users...
CVE-2019-10308
CVE-2019-10308 affects Jenkins Static Analysis Utilities Plugin (versions ≤ 1.95). A missing permission check in the DefaultGraphConfigurationView#doSave form handler allowed users with Overall/Read permissions to alter the per-job default graph configuration for all users. Impact: attackers with...