Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
publisher vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-41230
Jenkins Build-Publisher Plugin 1.22 and previous versions does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain names and URLs of Jenkins servers that the plugin is configured to publish builds to, as well as builds pen...
Jenkins Build-publisher
NA
CVE-2022-41231
Jenkins Build-Publisher Plugin 1.22 and previous versions allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to an API endpoint.
Jenkins Build-publisher
NA
CVE-2022-41232
A cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin 1.22 and previous versions allows malicious users to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint.
Jenkins Build-publisher
NA
CVE-2023-1080
The GN Publisher plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated malicious users...
Gnpublisher Gn Publisher
NA
CVE-2023-37958
A cross-site request forgery (CSRF) vulnerability in Jenkins Sumologic Publisher Plugin 2.2.1 and previous versions allows malicious users to connect to an attacker-specified URL.
Jenkins Sumologic Publisher
NA
CVE-2023-37959
A missing permission check in Jenkins Sumologic Publisher Plugin 2.2.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified URL.
Jenkins Sumologic Publisher
605
VMScore
CVE-2016-10395
In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and su...
Flexerasoftware Flexnet Publisher
356
VMScore
CVE-2019-1003045
A vulnerability in Jenkins ECS Publisher Plugin 1.0.0 and previous versions allows attackers with Item/Extended Read permission, or local file system access to the Jenkins home directory to obtain the API token configured in this plugin's configuration.
Trustsource Ecs Publisher
383
VMScore
CVE-2019-1003058
A cross-site request forgery vulnerability in Jenkins FTP publisher Plugin in the FTPPublisher.DescriptorImpl#doLoginCheck method allows malicious users to initiate a connection to an attacker-specified server.
Jenkins Ftp Publisher
356
VMScore
CVE-2019-1003055
Jenkins FTP publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Jenkins Ftp Publisher
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »