Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ... Result(s) : 231371

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
N/A 2023-01-26 CVE-2023-24434 cve A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using...
N/A 2023-01-26 CVE-2023-24435 cve A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...
N/A 2023-01-26 CVE-2023-24436 cve A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credent...
N/A 2023-01-26 CVE-2023-24437 cve A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified UR...
N/A 2023-01-26 CVE-2023-24438 cve A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specif...
N/A 2023-01-26 CVE-2023-24439 cve Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private keys unencrypted in its global configuration file on the Jenkins controller where it can ...
N/A 2023-01-26 CVE-2023-24440 cve Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially result...
N/A 2023-01-26 CVE-2023-24441 cve Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
N/A 2023-01-26 CVE-2023-24442 cve Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global con...
N/A 2023-01-26 CVE-2023-24443 cve Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
N/A 2023-01-26 CVE-2023-24444 cve Jenkins OpenID Plugin 2.4 and earlier does not invalidate the previous session on login.
N/A 2023-01-26 CVE-2023-24445 cve Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins.
N/A 2023-01-26 CVE-2023-24446 cve A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account.
N/A 2023-01-26 CVE-2023-24447 cve A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attacker-specified AMQP(S) URL using atta...
N/A 2023-01-26 CVE-2023-24448 cve A missing permission check in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified AMQP(S) URL usin...
N/A 2023-01-26 CVE-2023-24449 cve Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permissio...
N/A 2023-01-26 CVE-2023-24450 cve Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read pe...
N/A 2023-01-26 CVE-2023-24451 cve A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials sto...
N/A 2023-01-26 CVE-2023-24452 cve A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-s...
N/A 2023-01-26 CVE-2023-24453 cve A missing check in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specif...
Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ... Result(s) : 231371