| Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ... | Result(s) : 231371 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2023-01-26 | CVE-2023-24434 | cve | A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using... |
| N/A | 2023-01-26 | CVE-2023-24435 | cve | A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL... |
| N/A | 2023-01-26 | CVE-2023-24436 | cve | A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credent... |
| N/A | 2023-01-26 | CVE-2023-24437 | cve | A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified UR... |
| N/A | 2023-01-26 | CVE-2023-24438 | cve | A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specif... |
| N/A | 2023-01-26 | CVE-2023-24439 | cve | Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private keys unencrypted in its global configuration file on the Jenkins controller where it can ... |
| N/A | 2023-01-26 | CVE-2023-24440 | cve | Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially result... |
| N/A | 2023-01-26 | CVE-2023-24441 | cve | Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |
| N/A | 2023-01-26 | CVE-2023-24442 | cve | Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global con... |
| N/A | 2023-01-26 | CVE-2023-24443 | cve | Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |
| N/A | 2023-01-26 | CVE-2023-24444 | cve | Jenkins OpenID Plugin 2.4 and earlier does not invalidate the previous session on login. |
| N/A | 2023-01-26 | CVE-2023-24445 | cve | Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins. |
| N/A | 2023-01-26 | CVE-2023-24446 | cve | A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account. |
| N/A | 2023-01-26 | CVE-2023-24447 | cve | A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attacker-specified AMQP(S) URL using atta... |
| N/A | 2023-01-26 | CVE-2023-24448 | cve | A missing permission check in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified AMQP(S) URL usin... |
| N/A | 2023-01-26 | CVE-2023-24449 | cve | Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permissio... |
| N/A | 2023-01-26 | CVE-2023-24450 | cve | Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read pe... |
| N/A | 2023-01-26 | CVE-2023-24451 | cve | A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials sto... |
| N/A | 2023-01-26 | CVE-2023-24452 | cve | A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-s... |
| N/A | 2023-01-26 | CVE-2023-24453 | cve | A missing check in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specif... |
| Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ... | Result(s) : 231371 |
