Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / jenkins

jenkins

1,755 tracked vulnerabilities.

CVE-2021-21637 MEDIUM

Jenkins Team Foundation Server Plugin < 5.157.1 - Missing Authorization for Credential Capture via URL Connection

CVE-2021-21636 MEDIUM

Jenkins Team Foundation Server Plugin < 5.157.1 - Missing Authorization for Credentials Enumeration

CVE-2021-21635 MEDIUM

Jenkins REST List Parameter Plugin < 1.3.0 - Stored Cross-Site Scripting via Parameter Name Reference

CVE-2021-21634 MEDIUM

Jenkins Jabber (XMPP) Notifier and Control Plugin < 1.41 - Insufficiently Protected Credentials

CVE-2021-21633 HIGH

Jenkins OWASP Dependency-Track < 3.1.0 - Cross-Site Request Forgery

CVE-2021-21632 MEDIUM

Jenkins OWASP Dependency-Track < 3.1.0 - Missing Authorization for URL Connection

CVE-2021-21631 MEDIUM

Jenkins Cloud Statistics Plugin < 0.26 - Missing Authorization in HTTP Endpoint

CVE-2021-21630 MEDIUM

Jenkins Extra Columns Plugin < 1.22 - Stored Cross-Site Scripting in Build Parameters Column

CVE-2021-21629 HIGH

Jenkins Build With Parameters Plugin < 1.5 - Cross-Site Request Forgery

CVE-2021-21628 MEDIUM

Jenkins Build With Parameters Plugin < 1.5 - Stored Cross-Site Scripting in Parameter Names and Descriptions

CVE-2021-21627 HIGH

Jenkins Libvirt Agents Plugin < 1.9.0 - Cross-Site Request Forgery

CVE-2021-21626 MEDIUM

Jenkins Warnings Next Generation Plugin <= 8.4.4 - Missing Authorization in Form Validation

CVE-2021-21625 MEDIUM

Jenkins CloudBees AWS Credentials Plugin < 1.28 - Missing Authorization in HTTP Endpoint Helper Method

CVE-2021-21624 MEDIUM

Jenkins Role-based Authorization Strategy Plugin < 3.1 - Incorrect Authorization

CVE-2021-21623 MEDIUM

Jenkins Matrix Authorization Strategy Plugin < 2.6.5 - Incorrect Authorization

CVE-2021-21622 MEDIUM

Jenkins Artifact Repository Parameter Plugin <= 1.0.0 - Stored Cross-Site Scripting in Parameter Names and Descriptions

CVE-2021-21621 MEDIUM

Jenkins Support Core Plugin < 2.72 - Exposure of Sensitive Information via Serialized User Authentication

CVE-2021-21620 MEDIUM

Jenkins Claim Plugin < 2.18.1 - Cross-Site Request Forgery

CVE-2021-21619 MEDIUM

Jenkins Claim Plugin < 2.18.1 - Stored Cross-Site Scripting via User Display Name

CVE-2021-21618 MEDIUM

Jenkins Repository Connector Plugin < 2.0.2 - Stored Cross-Site Scripting in Parameter Names and Descriptions

CVE-2021-21617 HIGH

Jenkins Configuration Slicing Plugin < 1.51 - Cross-Site Request Forgery

CVE-2021-21616 MEDIUM

Jenkins Active Choices Plugin < 2.5.2 - Stored Cross-Site Scripting via Reference Parameter Values

CVE-2021-21615 MEDIUM

Jenkins < 2.263.3 and < 2.276 - Arbitrary File Read via Workspace File Browser TOCTOU Race Condition

CVE-2021-21614 MEDIUM

Jenkins Bumblebee HP ALM Plugin <= 4.1.5 - Insufficiently Protected Credentials

CVE-2021-21613 MEDIUM

Jenkins TICS Plugin < 2020.3.0.6 - Cross-Site Scripting via TICS Service Response

Previous Page 36 of 71 Next

Products

jenkins 259 pipeline\ 37 script_security 33 blue_ocean 11 git 11 email_extension 10 active_directory 9 build_failure_analyzer 9 config_file_provider 9 configuration_as_code 9 ns-nd_integration_performance_publisher 8 credentials_binding 7 github_branch_source 7 html_publisher 7 kubernetes 7 openid_connect_authentication 7 openshift_deployer 7 rundeck 7 subversion 7 amazon_ec2 6 azure_ad 6 azure_vm_agents 6 deployment_dashboard 6 electricflow 6 gerrit_trigger 6 github 6 github_pull_request_builder 6 gitlab 6 google_compute_engine 6 hashicorp_vault 6

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy