Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins jenkins vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2022-30958
A cross-site request forgery (CSRF) vulnerability in Jenkins SSH Plugin 2.6.1 and previous versions allows malicious users to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenk...
Jenkins Ssh
1 Github repository
6.8
CVSSv2
CVE-2022-30972
A cross-site request forgery (CSRF) vulnerability in Jenkins Storable Configs Plugin 1.0 and previous versions allows malicious users to have Jenkins parse a local XML file (e.g., archived artifacts) that uses external entities for extraction of secrets from the Jenkins controlle...
Jenkins Storage Configs
6.8
CVSSv2
CVE-2022-30969
A cross-site request forgery (CSRF) vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and previous versions allows malicious users to execute arbitrary code without sandbox protection if the victim is an administrator.
Jenkins Autocomplete Parameter
6.8
CVSSv2
CVE-2022-1304
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.
E2fsprogs Project E2fsprogs 1.46.5
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
6.8
CVSSv2
CVE-2022-29050
A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over FTP Plugin 1.16 and previous versions allows malicious users to connect to an FTP server using attacker-specified credentials.
Jenkins Publish Over Ftp
6.8
CVSSv2
CVE-2022-28136
A cross-site request forgery (CSRF) vulnerability in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and previous versions allows malicious users to connect to an attacker-specified URL using attacker-specified credentials.
Jenkins Jiratestresultreporter
6.8
CVSSv2
CVE-2022-28150
A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and previous versions allows malicious users to change the owners and item-specific permissions of a job.
Jenkins Job And Node Ownership
6.8
CVSSv2
CVE-2022-27204
A cross-site request forgery vulnerability in Jenkins Extended Choice Parameter Plugin 346.vd87693c5a_86c and previous versions allows malicious users to connect to an attacker-specified URL.
Jenkins Extended Choice Parameter
6.8
CVSSv2
CVE-2022-25194
A cross-site request forgery (CSRF) vulnerability in Jenkins autonomiq Plugin 1.15 and previous versions allows malicious users to connect to an attacker-specified URL server using attacker-specified credentials.
Jenkins Autonomiq
6.8
CVSSv2
CVE-2022-25198
A cross-site request forgery (CSRF) vulnerability in Jenkins SCP publisher Plugin 1.8 and previous versions allows malicious users to connect to an attacker-specified SSH server using attacker-specified credentials.
Jenkins Scp Publisher
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »