CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-1000

Malicious code in bioql PyPI...

5.5CVSS5.6AI score0.00051EPSS

RedhatCVE•added 2025/05/23 6:9 a.m.•2 views

CVE-2023-25721

Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users with access to view the job log to...

6.5CVSS6.9AI score0.00326EPSS

Exploits0References1

RustSec•added 2023/11/06 12:0 p.m.•1 views

`littest` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the malicious user http-tiny and contained a malware payload in build.rs to exfiltrate host information to the attacker. This advisory is to retrospectively document this attempted attack. The version information and download...

RustSec•added 2023/11/06 12:0 p.m.•1 views

`tiny-server` was removed from crates.io for malicious code

OSV•added 2023/11/06 12:0 p.m.•1 views

RUSTSEC-2023-0104 `littest` was removed from crates.io for malicious code

OSV•added 2023/08/18 12:0 p.m.•0 views

Exploits0References2

RUSTSEC-2023-0110 `postgresderive` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the malicious user amaperf and contained a malware payload in build.rs to exfiltrate host information to the attacker. This advisory is to retrospectively document this attempted attack. The version information and download recor...

OSV•added 2023/08/16 12:0 p.m.•0 views

Exploits0References2

RUSTSEC-2023-0099 `envlogger` was removed from crates.io for malicious code

RustSec•added 2023/08/16 12:0 p.m.•1 views

`xrvrv` was removed from crates.io for malicious code

RustSec•added 2023/08/16 12:0 p.m.•3 views

`postgress` was removed from crates.io for malicious code

OSV•added 2023/08/16 12:0 p.m.•2 views

RUSTSEC-2023-0101 `oncecell` was removed from crates.io for malicious code

OSV•added 2023/08/16 12:0 p.m.•1 views

RUSTSEC-2023-0100 `xrvrv` was removed from crates.io for malicious code

OSV•added 2023/08/16 12:0 p.m.•1 views

RUSTSEC-2023-0097 `lazystatic` was removed from crates.io for malicious code

RustSec•added 2023/08/16 12:0 p.m.•2 views

`envlogger` was removed from crates.io for malicious code

OSV•added 2023/08/16 12:0 p.m.•1 views

RUSTSEC-2023-0103 `postgress` was removed from crates.io for malicious code

OSV•added 2023/03/28 9:30 p.m.•18 views

GHSA-C4JR-VJM4-27HQ Veracode Scan Jenkins Plugin vulnerable to information disclosure

Veracode Scan Jenkins Plugin before 23.3.19.0 is vulnerable to information disclosure of proxy credentials in job logs under specific configurations. Users are potentially affected if they: - are using Veracode Scan Jenkins Plugin prior to 23.3.19.0 - AND have configured Veracode Scan to run on...

4.4CVSS5.3AI score0.00326EPSS

OSV•added 2023/03/28 9:30 p.m.•15 views

GHSA-FJRV-VX9M-4JPJ Veracode Scan Jenkins Plugin vulnerable to information disclosure

Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to discover Veracode API credentials by listing the process and its arguments...

5.5CVSS5.5AI score0.00051EPSS