Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
publisher vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-41232
A cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin 1.22 and previous versions allows malicious users to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint.
Jenkins Build-publisher
NA
CVE-2022-41231
Jenkins Build-Publisher Plugin 1.22 and previous versions allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to an API endpoint.
Jenkins Build-publisher
9.3
CVSSv2
CVE-2016-7289
Microsoft Publisher 2010 SP2 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
Microsoft Publisher 2010
4
CVSSv2
CVE-2019-1003045
A vulnerability in Jenkins ECS Publisher Plugin 1.0.0 and previous versions allows attackers with Item/Extended Read permission, or local file system access to the Jenkins home directory to obtain the API token configured in this plugin's configuration.
Trustsource Ecs Publisher
6.8
CVSSv2
CVE-2022-25198
A cross-site request forgery (CSRF) vulnerability in Jenkins SCP publisher Plugin 1.8 and previous versions allows malicious users to connect to an attacker-specified SSH server using attacker-specified credentials.
Jenkins Scp Publisher
6.8
CVSSv2
CVE-2006-6180
Cross-site scripting (XSS) vulnerability in articles.asp in Expinion.net iNews Publisher (iNP) 2.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the hl parameter. NOTE: The provenance of this information is unknown; the details are...
Expinion.net Inews Publisher
NA
CVE-2023-37959
A missing permission check in Jenkins Sumologic Publisher Plugin 2.2.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified URL.
Jenkins Sumologic Publisher
3.5
CVSSv2
CVE-2018-1000177
A cross-site scripting vulnerability exists in Jenkins S3 Plugin 0.10.12 and older in src/main/resources/hudson/plugins/s3/S3ArtifactsProjectAction/jobMain.jelly that allows attackers able to control file names of uploaded files to define file names containing JavaScript that wou...
Jenkins S3 Publisher
4.3
CVSSv2
CVE-2019-1003058
A cross-site request forgery vulnerability in Jenkins FTP publisher Plugin in the FTPPublisher.DescriptorImpl#doLoginCheck method allows malicious users to initiate a connection to an attacker-specified server.
Jenkins Ftp Publisher
9.3
CVSSv2
CVE-2011-3411
Microsoft Publisher 2003 SP3 allows remote malicious users to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Invalid Pointer Vulnerability."
Microsoft Publisher 2003
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »