Lucene search

18 matches found

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2012-4373

Malware in sbrugna...

6.1 CVSS, 6.1 AI score, 0.01757 EPSS
Exploits 0, References 6
EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2022-7223

Malicious code in bioql PyPI...

5.5 CVSS, 5.6 AI score, 0.01501 EPSS
Exploits 0, References 4
RedhatCVE
added 2025/05/23 12:17 a.m., 5 views

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

5.5 CVSS, 6.7 AI score, 0.01501 EPSS
Exploits 0, References 1
OSV
added 2022/11/16 12:00 p.m., 1 view

GHSA-4598-WCG8-X56G XML External Entity Reference in Jenkins Violations Plugin

Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers to control XML input files for the 'Report Violations' post-build step to have agent processes parse a crafted file that uses external entities for extraction o...

5.4 CVSS, 6 AI score, 0.01501 EPSS
Exploits 0, References 4
NVD
added 2022/11/15 8:15 p.m., 12 views

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

5.5 CVSS, 0.01501 EPSS
Exploits 0, References 2
OSV
added 2022/11/15 8:15 p.m., 1 view

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

5.5 CVSS, 5.8 AI score
Exploits 0, References 2
Prion
added 2022/11/15 8:15 p.m., 11 views

Xxe

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

1.9 CVSS, 5.4 AI score, 0.01501 EPSS
Exploits 0, References 2, Affected Software 1
Cvelist
added 2022/11/15 12:00 a.m., 10 views

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

6.1 AI score, 0.01501 EPSS
Exploits 0, References 2
Positive Technologies
added 2022/11/15 12:00 a.m., 2 views

PT-2022-27488 · Jenkins · Jenkins Violations Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Violations Plugin versions 0.7.11 and earlier. Description: The issue arises from the Jenkins Violations Plugin not configuring its XML parser to prevent XML external entity (XXE) attacks. This allows attackers to control XML input files...

5.5 CVSS, 5.4 AI score, 0.01501 EPSS
Exploits 0, References 6
Vulnrichment
added 2022/11/15 12:00 a.m., 3 views

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...

6.7 AI score, 0.01501 EPSS
Exploits 0, References 2
CVE
added 2022/11/15 12:00 a.m., 259 views

CVE-2022-45386

CVE-2022-45386 affects Jenkins Violations Plugin, version 0.7.11 and earlier. The root cause is that the plugin’s XML parser does not prevent XML External Entity (XXE) attacks, enabling an attacker to influence XML input for the Report Violations step and potentially exfiltrate data or trigger se...

5.5 CVSS, 5.8 AI score, 0.01501 EPSS
Exploits 0, References 2, Affected Software 1
OpenVAS
added 2022/08/19 12:00 a.m., 19 views

Jenkins < 1.482, < 1.466.2 LTS Multiple Vulnerabilities - Linux

Jenkins is prone to multiple vulnerabilities. Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

8.8 CVSS, 6.7 AI score, 0.01757 EPSS
Exploits 0, References 1
Github Security Blog
added 2022/04/23 12:40 a.m., 8 views

Jenkins Violation Plugin allows Cross-Site Scripting (XSS)

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin...

6.1 CVSS, 6.1 AI score, 0.01757 EPSS
Exploits 0, References 6, Affected Software 1
Prion
added 2019/11/18 10:15 p.m., 19 views

Cross site scripting

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin...

4.3 CVSS, 6.1 AI score, 0.01757 EPSS
Exploits 0, References 3, Affected Software 1
UbuntuCve
added 2019/11/18 10:15 p.m., 28 views

CVE-2012-4440

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin...

6.1 CVSS, 6.5 AI score, 0.01757 EPSS
Exploits 0, References 3
CVE
added 2019/11/18 9:03 p.m., 103 views

CVE-2012-4440

CVE-2012-4440 is a Cross-site Scripting (XSS) vulnerability in Jenkins involving the Violations plugin. The issue affects Jenkins core builds prior to 1.482 and LTS lines prior to 1.466.2, where remote attackers could inject arbitrary web script or HTML via the Violations plugin. The connected do...

6.1 CVSS, 6.8 AI score, 0.01757 EPSS
Exploits 0, References 3, Affected Software 1
Cvelist
added 2019/11/18 9:03 p.m., 22 views

CVE-2012-4440

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin...

6.4 AI score, 0.01757 EPSS
Exploits 0, References 3
FreeBSD
added 2012/09/17 12:00 a.m., 12 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory reports: This advisory announces security vulnerabilities that were found in Jenkins core and several plugins. The first vulnerability in Jenkins core allows unprivileged users to insert data into Jenkins master, which can lead to remote code execution. For this...

1.2 AI score
Exploits 0, References 1