Vulmon
jenkins vulnerabilities and exploits
10
CVSSv2
CVE-2020-2320
Jenkins Plugin Installation Manager Tool 2.1.3 and previous versions does not verify plugin downloads.
Jenkins Installation Manager Tool
10
CVSSv2
CVE-2018-1000861
A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and previous versions, LTS 2.138.3 and previous versions in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows malicious users to invoke some methods on Java objects by...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
13 Github repositories
10
CVSSv2
CVE-2017-3831
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote malicious user to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementatio...
Cisco Aironet Access Point Software 8.1(112.3)
Cisco Aironet Access Point Software 8.1(112.4)
Cisco Aironet Access Point Software 8.1(15.14)
Cisco Aironet Access Point Software 8.1(131.0)
9.3
CVSSv2
CVE-2020-2098
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and previous versions allows a malicious user to execute arbitrary OS commands as the OS user account running Jenkins.
Jenkins Sounds
9
CVSSv2
CVE-2022-23118
Jenkins Debian Package Builder Plugin 1.6.11 and previous versions implements functionality that allows agents to invoke command-line `git` at an attacker-specified path on the controller, allowing attackers able to control agent processes to invoke arbitrary OS commands on the c...
Jenkins Debian Package Builder
9
CVSSv2
CVE-2021-22112
Spring Security 5.4.x before 5.4.4, 5.3.x before 5.3.8.RELEASE, 5.2.x before 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request. A malicious user cannot cause the bug to happen (it must be programm...
Vmware Spring Security
Pivotal Software Spring Security
Oracle Hospitality Cruise Shipboard Property Management System 20.1.0
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Communications Unified Inventory Management 7.4.1
Oracle Insurance Policy Administration 11.3.0
Oracle Insurance Policy Administration 11.2.0
Oracle Communications Element Manager
Oracle Mysql Enterprise Monitor
1 Github repository
9
CVSSv2
CVE-2020-2276
Jenkins Selection tasks Plugin 1.0 and previous versions executes a user-specified program on the Jenkins controller, allowing attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins controller as the OS user that the Jenkins process is runni...
Jenkins Selection Tasks
9
CVSSv2
CVE-2020-2159
Jenkins CryptoMove Plugin 0.1.33 and previous versions allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins.
Jenkins Cryptomove
9
CVSSv2
CVE-2017-2652
It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary shel...
Jenkins Distributed Fork
9
CVSSv2
CVE-2017-1000393
In Jenkins 2.73.1 and previous versions and 2.83 and previous versions, users with permission to create or configure agents in Jenkins could configure a launch method called 'Launch agent via execution of command on master'. This allowed them to run arbitrary shell commands on...
Jenkins Jenkins