CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-3818

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00295EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-5411

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00178EPSS

Exploits0References5

RedhatCVE•added 2025/05/22 4:29 p.m.•6 views

CVE-2020-2205

Jenkins VncRecorder Plugin 1.25 and earlier does not escape a tool path in the checkVncServ form validation endpoint, resulting in a stored cross-site scripting XSS vulnerability exploitable by Jenkins administrators...

4.8CVSS5.5AI score0.00178EPSS

Exploits0

RedhatCVE•added 2025/05/22 4:7 p.m.•4 views

CVE-2020-2206

Jenkins VncRecorder Plugin 1.25 and earlier does not escape a parameter value in the checkVncServ form validation endpoint, resulting in a reflected cross-site scripting XSS vulnerability...

6.1CVSS5.8AI score0.00295EPSS

Exploits0

Github Security Blog•added 2022/05/24 5:22 p.m.•18 views

Reflected XSS vulnerability in Jenkins VncRecorder Plugin

VncRecorder Plugin 1.25 and earlier does not escape a parameter value in the checkVncServ form validation endpoint output. This results in a reflected cross-site scripting XSS vulnerability. VncRecorder Plugin 1.35 escapes the parameter value in the output...

6.1CVSS5.6AI score0.00295EPSS

Exploits0References4Affected Software1

OSV•added 2022/05/24 5:22 p.m.•22 views

GHSA-VQP8-H53H-3JFH Stored XSS vulnerability in Jenkins VncRecorder Plugin

VncRecorder Plugin 1.25 and earlier does not escape a tool path in the checkVncServ form validation endpoint accessed e.g. via job configuration forms. This results in a stored cross-site scripting XSS vulnerability exploitable by Jenkins administrators. VncRecorder Plugin 1.35 escapes the tool...

4.8CVSS4.9AI score0.00178EPSS

Exploits0References4

CNVD•added 2020/07/03 12:0 a.m.•2 views

CloudBees Jenkins VncRecorder Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . VncRecorder Plugin is used in one of the scre...

6.1CVSS6.4AI score0.00295EPSS

Exploits0References1

CNVD•added 2020/07/03 12:0 a.m.•2 views

CloudBees Jenkins VncRecorder Plugin Cross-Site Scripting Vulnerability (CNVD-2020-50510)

4.8CVSS6.4AI score0.00178EPSS

Exploits0References1

OSV•added 2020/07/02 3:15 p.m.•6 views

CVE-2020-2206

Jenkins VncRecorder Plugin 1.25 and earlier does not escape a parameter value in the checkVncServ form validation endpoint, resulting in a reflected cross-site scripting XSS vulnerability...

6.1CVSS5.8AI score

Exploits0References2

NVD•added 2020/07/02 3:15 p.m.•12 views

CVE-2020-2205

4.8CVSS0.00178EPSS

Exploits0References2

OSV•added 2020/07/02 3:15 p.m.•8 views

CVE-2020-2205

4.8CVSS5.5AI score

Exploits0References2

Prion•added 2020/07/02 3:15 p.m.•14 views

Cross site scripting

3.5CVSS4.9AI score0.00178EPSS

Exploits0References2Affected Software1

Prion•added 2020/07/02 3:15 p.m.•15 views

Cross site scripting

Jenkins VncRecorder Plugin 1.25 and earlier does not escape a parameter value in the checkVncServ form validation endpoint, resulting in a reflected cross-site scripting XSS vulnerability...

4.3CVSS6AI score0.00295EPSS

Exploits0References2Affected Software1

CVE•added 2020/07/02 2:55 p.m.•60 views

CVE-2020-2206

The CVE-2020-2206 entry concerns Jenkins VncRecorder Plugin versions 1.25 and earlier. Affected component: the checkVncServ form validation endpoint, which does not escape a parameter value, causing a reflected XSS vulnerability. Root cause: inadequate escaping in the endpoint’s output. Practical...

6.1CVSS6AI score0.00295EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/07/02 2:55 p.m.•16 views

CVE-2020-2206

Jenkins VncRecorder Plugin 1.25 and earlier does not escape a parameter value in the checkVncServ form validation endpoint, resulting in a reflected cross-site scripting XSS vulnerability...

6AI score0.00295EPSS

Exploits0References2

CVE•added 2020/07/02 2:55 p.m.•50 views

CVE-2020-2205

CVE-2020-2205 affects Jenkins VncRecorder Plugin 1.25 and earlier. The vulnerability arises because the tool path in the checkVncServ form validation endpoint is not escaped, leading to a stored XSS condition exploitable by Jenkins administrators. Documents consistently describe the affected comp...

4.8CVSS4.9AI score0.00178EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by