Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2716 matches found

Prion
Prionadded 2022/11/15 8:15 p.m.14 views

Xxe

Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.5CVSS9.4AI score0.04058EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2022/11/15 12:0 a.m.270 views

CVE-2022-45395

CVE-2022-45395 affects Jenkins CCCC Plugin 0.6 and earlier. The root cause is that its XML parser is not configured to prevent XML External Entity (XXE) attacks, which can allow an attacker to access or manipulate data in the published CCCC report via crafted XML. The connected documents confirm ...

9.8CVSS9.3AI score0.04514EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2022/11/15 12:0 a.m.8 views

CVE-2022-45396

Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7AI score0.03095EPSS
Exploits0References2
Cvelist
Cvelistadded 2022/11/15 12:0 a.m.10 views

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.1AI score0.00993EPSS
Exploits0References2
Cvelist
Cvelistadded 2022/11/15 12:0 a.m.15 views

CVE-2022-45395

Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

9.7AI score0.04514EPSS
Exploits0References2
CVE
CVEadded 2022/11/15 12:0 a.m.266 views

CVE-2022-45400

Jenkins JAPEX Plugin (versions 1.7 and earlier) is vulnerable to an XML External Entity (XXE) attack because it does not configure its XML parser to prevent XXE. This is documented across multiple sources (CVE-2022-45400; GHSA-8538-25V4-25PG; NVD entry). The root cause is improper parser configur...

9.8CVSS9.4AI score0.04058EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2022/11/15 12:0 a.m.3 views

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.7AI score0.00993EPSS
Exploits0References2
CNNVD
CNNVDadded 2022/11/15 12:0 a.m.2 views

Jenkins Plugin OSF Builder Suite :: XML Linter 代码问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin A code issu...

9.8CVSS8.3AI score0.03095EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2022/11/15 12:0 a.m.2 views

PT-2022-27502 · Jenkins · Jenkins Japex Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins JAPEX Plugin versions 1.7 and earlier Description: The issue is related to the XML parser not being configured to prevent XML external entity XXE attacks. This allows attackers who can control XML input files for the 'Record Japex tes...

9.8CVSS9.1AI score0.04058EPSS
Exploits0References6
CVE
CVEadded 2022/11/15 12:0 a.m.268 views

CVE-2022-45386

CVE-2022-45386 affects Jenkins Violations Plugin, version 0.7.11 and earlier. The root cause is that the plugin’s XML parser does not prevent XML External Entity (XXE) attacks, enabling an attacker to influence XML input for the Report Violations step and potentially exfiltrate data or trigger se...

5.5CVSS5.8AI score0.00993EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2022/11/15 12:0 a.m.16 views

CVE-2022-45396

Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

9.7AI score0.03095EPSS
Exploits0References2
CNNVD
CNNVDadded 2022/11/15 12:0 a.m.2 views

Jenkins Plugin CCCC 代码问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A code issue vulnerability...

9.8CVSS8.4AI score0.04514EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2022/11/15 12:0 a.m.4 views

CVE-2022-45400

Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.7AI score0.04058EPSS
Exploits0References2
Cvelist
Cvelistadded 2022/11/15 12:0 a.m.23 views

CVE-2022-45400

Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

9.7AI score0.04058EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2022/11/15 12:0 a.m.6 views

CVE-2022-45395

Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.7AI score0.04514EPSS
Exploits0References2
Fedora
Fedoraadded 2022/11/13 1:20 a.m.26 views

[SECURITY] Fedora 35 Update: mingw-expat-2.5.0-1.fc35

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

7.5CVSS7.8AI score0.00382EPSS
Exploits1
Fedora
Fedoraadded 2022/11/13 1:19 a.m.33 views

[SECURITY] Fedora 36 Update: mingw-expat-2.5.0-1.fc36

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

7.5CVSS7.8AI score0.00382EPSS
Exploits1
OpenVAS
OpenVASadded 2022/11/13 12:0 a.m.20 views

Fedora: Security Advisory for mingw-expat (FEDORA-2022-c43235716e)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS8AI score0.00382EPSS
Exploits1References2
OpenVAS
OpenVASadded 2022/11/11 12:0 a.m.19 views

Fedora: Security Advisory for mingw-expat (FEDORA-2022-dcb1d7bcb1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.3AI score0.00915EPSS
Exploits0References2
Fedora
Fedoraadded 2022/11/10 10:49 p.m.29 views

[SECURITY] Fedora 37 Update: mingw-expat-2.4.9-1.fc37

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

8.1CVSS7.2AI score0.00915EPSS
Exploits0
Rows per page
Query Builder