Lucene search
K
JenkinsRecent

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/03/18 12:0 a.m.•14 views

API keys stored and displayed in plain text by loadninja

loadninja 2.1 and earlier stores LoadNinja API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the job...

4.3CVSS5.3AI score0.00217EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/02/18 12:0 a.m.•7 views

Stored XSS vulnerability in node offline cause description

Since Jenkins 2.483, the description of the reason why a node is offline the "offline cause" is defined as containing HTML and rendered as such. Jenkins 2.550 and earlier, LTS 2.541.1 and earlier does not escape the user-provided description of the "Mark temporarily offline" offline cause. This...

8CVSS7.5AI score0.00505EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/02/18 12:0 a.m.•7 views

Build information disclosure vulnerability through Run Parameter

Jenkins 2.550 and earlier, LTS 2.541.1 and earlier accepts Run Parameter values that refer to builds the user submitting the build does not have access to. This allows attackers with Item/Build and Item/Configure permission to obtain information about the existence of jobs, the existence of build...

4.3CVSS7.8AI score0.00333EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•7 views

Denial of service vulnerability in HTTP-based CLI

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted. This allows unauthenticated attackers to cause a denial of service by creating HTTP-based CLI connection requests, resulting in request-handling...

7.5CVSS7.6AI score0.00506EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•8 views

Stored XSS vulnerability in coverage

coverage uses coverage results IDs to create the links to coverage results on the Jenkins UI. coverage 2.3054.ve1ff7baa123b and earlier does not validate the configured coverage results ID when creating coverage results, only when submitting the job configuration through the UI. This allows...

8CVSS4.9AI score0.00257EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•8 views

Missing permission check in BlazeMeterJenkinsPlugin allows enumerating credentials IDs

BlazeMeterJenkinsPlugin 4.26 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

5.3CVSS5.2AI score0.00218EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•7 views

Path traversal vulnerability in pipeline-reporter-by-redpen

pipeline-reporter-by-redpen 1.054.v7b9517b6b202 and earlier does not correctly perform path validation of the workspace directory while uploading artifacts to Jira. Additionally, pipeline-reporter-by-redpen does not support distributed builds, causing artifact uploads to occur from the Jenkins...

4.3CVSS5.2AI score0.0029EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•6 views

Missing permission check on password fields

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not perform a permission check to determine whether a password field should be redacted in views. This allows attackers with View/Read permission to view encrypted password values in views. NOTE: The regular view configuration form requires...

4.3CVSS7.5AI score0.00208EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•6 views

CSRF vulnerability on the login form

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not require a cross-site request forgery CSRF token crumb for the URL handling interactive login HTTP requests, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to trick users into logging in ...

3.5CVSS7.5AI score0.00154EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•6 views

Exposure of system-scoped Vault credentials in hashicorp-vault-plugin

hashicorp-vault-plugin 371.v884a4dd60fb6 and earlier does not set the appropriate context for Vault credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the global configuration. This allows attackers with Item/Configure permission to access and potentially...

4.3CVSS5.2AI score0.00194EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•6 views

Build authorization token stored and displayed in plain text

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier stores build authorization tokens unencrypted in job config.xml files on the Jenkins controller. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the job...

4.3CVSS7.6AI score0.00153EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•9 views

OS command injection vulnerability on agents in git-client

git-client generates temporary script files to provide credentials e.g., SSHASKPASS. In git-client 6.4.0 and earlier, these script files contain the path to the workspace directory as part of a command argument. This argument is not correctly escaped, allowing attackers able to control the...

5CVSS5.5AI score0.00179EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•7 views

Replay vulnerability in saml

saml 4.583.vc68232f7018a and earlier does not implement a replay cache. This allows attackers able to obtain information about the SAML authentication flow between a user's web browser and Jenkins to replay those requests, authenticating to Jenkins as that user. saml 4.583.585.v22ccc1139f55...

7.5CVSS5.2AI score0.00387EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•8 views

API Keys stored in plain text by curseforge-publisher

curseforge-publisher 1.0 and earlier stores API Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the job configuratio...

4.3CVSS5.3AI score0.00237EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•5 views

Authorization Token stored in plain text by openshift-pipeline

openshift-pipeline 1.0.57 and earlier stores authorization tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These token can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of publication of...

4.3CVSS5.2AI score0.00179EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•7 views

CSRF vulnerability and missing permission check in publish-to-bitbucket

publish-to-bitbucket 0.4 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

5.4CVSS5.1AI score0.00222EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•11 views

CSRF vulnerability in extensible-choice-parameter

extensible-choice-parameter 239.v5f5c278708cf and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to execute sandboxed Groovy code. As of publication of this advisory, there is no fix...

5.4CVSS5.3AI score0.00236EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•6 views

XXE vulnerability in jdepend

jdepend 1.3.1 and earlier includes an outdated version of JDepend Maven Plugin that does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to configure input files for the "Report JDepend" step to have Jenkins parse a crafted file that uses extern...

7.1CVSS5.4AI score0.0032EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•6 views

Java protection mechanism disabled in eggplant-runner

eggplant-runner 0.0.1.301.v963cffe8ddb8 and earlier sets the Java system property jdk.http.auth.tunneling.disabledSchemes to an empty value as part of applying a proxy configuration. This disables https://www.oracle.com/java/technologies/javase/8u111-relnotes.htmla protection mechanism of the Jav...

5.9CVSS7.2AI score0.03937EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•7 views

CSRF vulnerability and missing permission check in windocks-start-container

windocks-start-container 1.4 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL. Additionally, this endpoint does not require POST requests, resulting in a cross-site request forgery CSRF...

4.3CVSS5.1AI score0.00227EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•8 views

CSRF vulnerability and missing permission check in themis

themis 1.4.1 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL. Additionally, this endpoint does not require POST requests, resulting in a cross-site request forgery CSRF vulnerability. A...

4.3CVSS5.1AI score0.00269EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•7 views

Missing permission checks in mcp-server

mcp-server 0.84.v50ca24ef83f2 and earlier does not perform permission checks in several MCP tools. This allows to do the following: Attackers with Item/Read permission can obtain information about the configured SCM in a job despite lacking Item/Extended Read permission getJobScm. Attackers with...

5.4CVSS5.2AI score0.00239EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•11 views

CSRF vulnerability and missing permission checks in nexus-task-runner

nexus-task-runner 0.9.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Additionally, this endpoint does not require POST requests,...

4.3CVSS5.1AI score0.00227EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•6 views

API tokens stored in plain text by byteguard-build-actions

byteguard-build-actions 1.0 and earlier stores API tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the job...

4.3CVSS5.3AI score0.00158EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•11 views

Missing permission check in publish-to-bitbucket allows enumerating credentials IDs

publish-to-bitbucket 0.4 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials...

4.3CVSS5.2AI score0.00245EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•36 views

Shell command injection vulnerability in Azure CLI

Azure CLI 0.9 and earlier does not restrict which commands it executes on the Jenkins controller. This allows attackers with Item/Configure permission to execute arbitrary shell commands on the Jenkins controller. As of publication of this advisory, there is no fix. Learn why we announce this...

8.8CVSS5.7AI score0.00556EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/09/17 12:0 a.m.•4 views

HTTP/2 denial of service vulnerability in bundled Jetty

Jenkins bundles Winstone-Jetty, a wrapper around Jetty, to act as HTTP and servlet server when started using java -jar jenkins.war. This is how Jenkins is run when using any of the installers or packages, but not when run using servlet containers such as Tomcat. Jenkins 2.523 and earlier, LTS...

7.7CVSS6.9AI score0.01567EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/09/17 12:0 a.m.•8 views

Missing permission check allows obtaining agent names

Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a permission check in the sidepanel of a page intentionally accessible to users lacking Overall/Read permission. This allows attackers without Overall/Read permission to list agent names through its sidepanel executors widget...

5.3CVSS7.7AI score0.04735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/09/17 12:0 a.m.•7 views

Log message injection vulnerability

In Jenkins 2.527 and earlier, LTS 2.516.2 and earlier, the log formatter that prepares log messages for console output including jenkins.log and equivalent does not restrict or transform the characters that can be inserted from user-specified content in log messages. This allows attackers able to...

5.3CVSS7.3AI score0.00335EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/09/17 12:0 a.m.•5 views

Missing permission check in authenticated users' profile menu

Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a permission check for the authenticated user profile dropdown menu. This allows attackers without Overall/Read permission to obtain limited information about the Jenkins configuration by listing available options in this menu...

4.3CVSS7.3AI score0.00448EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/09/03 12:0 a.m.•34 views

File system information disclosure vulnerability in git-client

git-client 6.3.2 and earlier, except 6.1.4 and 6.2.1, allows specifying the experimental amazon-s3 protocol for use with the bundled JGit library. This protocol authenticates against Amazon S3 based on contents of the file whose path is provided as the authority part of the URL...

4.3CVSS5.3AI score0.00288EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/09/03 12:0 a.m.•6 views

SMTP command injection vulnerability in jakarta-mail-api

jakarta-mail-api 2.1.3-2 and earlier bundles versions of Angus Mail vulnerable to https://vulners.com/cve/CVE-2025-7962CVE-2025-7962. This allows attackers able to control recipient email addresses of emails sent by Jenkins to send emails with arbitrary contents to arbitrary recipients...

7.5CVSS6.4AI score0.00756EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/09/03 12:0 a.m.•9 views

Missing permission checks in global-build-stats allow enumerating graph IDs

global-build-stats 322.v22f4db18e2dd and earlier does not perform permission checks in its REST API endpoints. This allows attackers with Overall/Read permission to enumerate graph IDs. These IDs can be used to access those graphs. global-build-stats 347.v32aeb0493c4f requires Overall/Administer...

4.3CVSS5.2AI score0.00258EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/09/03 12:0 a.m.•4 views

Missing permission check in opentelemetry allows capturing credentials

opentelemetry 3.1543.v8446b92bcd64 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturi...

4.2CVSS5.2AI score0.00223EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•4 views

Missing input validation for parameter values in git-parameter

git-parameter implements a choice build parameter that lists the configured Git SCM’s branches, tags, pull requests, and revisions. git-parameter 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices. This allows...

8.2CVSS8.1AI score0.00618EPSS
Exploits1Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•4 views

Improper masking of credentials in credentials-binding

credentials-binding 687.v619cb15e923f and earlier does not properly mask i.e., replace with asterisks credentials present in exception error messages that are written to the build log. credentials-binding 687.689.v1af775332fc9 rethrows exceptions that contain credentials, masking those credential...

7.3CVSS5.2AI score0.00321EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•6 views

Credentials stored and displayed in plain text by soapui-pro-functional-testing

soapui-pro-functional-testing 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These credentials can be viewed by users with Item/Extended Read permission or access to the...

6.5CVSS5.6AI score0.00347EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•4 views

Stored XSS vulnerability in applitools-eyes

applitools-eyes 1.16.5 and earlier does not escape the Applitools URL on the build page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. applitools-eyes 1.16.6 rejects Applitools URLs that contain HTML metacharacters...

8CVSS5.3AI score0.00243EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•5 views

Tokens stored and displayed in plain text by ApicaLoadtest

ApicaLoadtest 1.10 and earlier stores Apica Loadtest LTP authentication tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

6.5CVSS5.6AI score0.00314EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•5 views

Tokens stored and displayed in plain text by deadmanssnitch

deadmanssnitch 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the job configuratio...

6.5CVSS6AI score0.00262EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•6 views

API Auth keys stored and displayed in plain text by vaddy-plugin

vaddy-plugin 1.2.8 and earlier stores Vaddy API Auth Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the job...

6.5CVSS5.6AI score0.00218EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•5 views

Keys stored and displayed in plain text by nouvola-divecloud

nouvola-divecloud 1.08 and earlier stores DiveCloud API Keys and Credentials Encryption Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller fil...

6.5CVSS6.4AI score0.00175EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•6 views

Passwords stored in plain text by warrior

warrior 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These passwords can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of publication of this advisory, there...

6.5CVSS6.4AI score0.00291EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•5 views

Tokens stored in plain text by aqua-security-scanner

aqua-security-scanner 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of...

4.3CVSS5AI score0.00191EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•5 views

API keys stored and displayed in plain text by applitools-eyes

applitools-eyes 1.16.5 and earlier stores Applitools API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the job...

6.5CVSS6AI score0.00252EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•4 views

API keys displayed without masking by testsigma

testsigma stores Testsigma API keys in job config.xml files on the Jenkins controller as part of its configuration. While these API keys are stored encrypted on disk, in testsigma 1.6 and earlier, the job configuration form does not mask these API keys, increasing the potential for attackers to...

4.3CVSS5.1AI score0.00222EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•5 views

Keys stored in plain text by ifttt-build-notifier

ifttt-build-notifier 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of publication ...

6.5CVSS6.4AI score0.00281EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•8 views

Token stored and displayed in plain text by sensedia-api-platform

sensedia-api-platform 1.0 stores the Sensedia API Manager integration token unencrypted in its global configuration file com.sensedia.configuration.SensediaApiConfiguration.xml on the Jenkins controller as part of its configuration. This token can be viewed by users with access to the Jenkins...

6.5CVSS5.9AI score0.00252EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•9 views

AWS Secret Key stored and displayed in plain text by statistics-gatherer

statistics-gatherer 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to the Jenkins...

6.5CVSS5.9AI score0.00354EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/07/09 12:0 a.m.•14 views

API keys stored and displayed in plain text by qmetry-test-management

qmetry-test-management 1.13 and earlier stores Qmetry Automation API Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

6.5CVSS5.6AI score0.00226EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464