Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / jenkins

jenkins

1,755 tracked vulnerabilities.

CVE-2019-10353 HIGH

Jenkins < 2.176.1 and < 2.185 - Cross-Site Request Forgery via Non-Expiring Tokens

CVE-2019-10352 MEDIUM

Jenkins < 2.176.1, < 2.185 - Authenticated Arbitrary File Write via File Parameter

CVE-2019-10351 HIGH

Jenkins Caliper CI Plugin < 2.3 - Cleartext Storage of Sensitive Information in Job Configuration

CVE-2019-10350 HIGH

Jenkins Port Allocator Plugin < 1.8 - Cleartext Storage of Sensitive Information in Job Config Files

CVE-2019-10349 MEDIUM

Jenkins Dependency Graph Viewer Plugin < 0.13 - Stored Cross-Site Scripting

CVE-2019-10348 HIGH

Jenkins Gogs Plugin < 1.0.14 - Cleartext Storage of Sensitive Information in Job Config Files

CVE-2019-10347 HIGH

Jenkins Mashup Portlets < 1.0.9 - Insufficiently Protected Credentials

CVE-2019-10346 MEDIUM

Jenkins Embeddable Build Status Plugin < 2.0.1 - Reflected Cross-Site Scripting

CVE-2019-10342 MEDIUM

Jenkins Docker Plugin < 1.1.6 - Missing Authorization in fillCredentialsIdItems Methods

CVE-2019-10341 MEDIUM

Jenkins Docker Plugin < 1.1.6 - Missing Authorization in Test Connection Feature

CVE-2019-10340 HIGH

Jenkins Docker Plugin < 1.1.6 - Cross-Site Request Forgery via Test Connection

CVE-2019-10339 HIGH

Jenkins JX Resources Plugin <= 1.0.36 - Missing Authorization in GlobalPluginConfiguration

CVE-2019-10338 HIGH

Jenkins JX Resources Plugin < 1.0.36 - Cross-Site Request Forgery via GlobalPluginConfiguration#doValidateClient

CVE-2019-10337 HIGH

Jenkins Token Macro Plugin < 2.7 - XML External Entity Injection via XML Macro

CVE-2019-10336 MEDIUM

Jenkins ElectricFlow < 1.1.6 - Cross-Site Scripting via Post-Build Step Configuration

CVE-2019-10335 MEDIUM

Jenkins ElectricFlow < 1.1.6 - Stored Cross-Site Scripting via Build Status Page

CVE-2019-10334 MEDIUM

Jenkins ElectricFlow < 1.1.5 - SSL/TLS and Hostname Verification Disabled via MultipartUtility.java

CVE-2019-10333 MEDIUM

Jenkins ElectricFlow < 1.1.5 - Missing Authorization in HTTP Endpoints

CVE-2019-10332 MEDIUM

Jenkins ElectricFlow < 1.1.5 - Missing Authorization in Configuration Connection Test

CVE-2019-10331 MEDIUM

Jenkins ElectricFlow < 1.1.5 - Cross-Site Request Forgery via Configuration Test Connection

CVE-2019-10328 CRITICAL

Jenkins Pipeline Remote Loader Plugin <1.4 - Code Injection

CVE-2019-10327 HIGH

Jenkins Pipeline Maven Integration Plugin < 1.7.0 - XML External Entity Injection via Malicious XML File

CVE-2019-10326 MEDIUM

Jenkins Warnings NG Plugin <= 5.0.0 - Cross-Site Request Forgery

CVE-2019-10325 MEDIUM

Jenkins Warnings NG Plugin < 5.0.0 - Authenticated Stored Cross-Site Scripting in Build Overview Pages

CVE-2019-10320 MEDIUM

Jenkins Credentials Plugin <2.1.18 - Info Disclosure

Previous Page 53 of 71 Next

Products

jenkins 259 pipeline\ 37 script_security 33 blue_ocean 11 git 11 email_extension 10 active_directory 9 build_failure_analyzer 9 config_file_provider 9 configuration_as_code 9 ns-nd_integration_performance_publisher 8 credentials_binding 7 github_branch_source 7 html_publisher 7 kubernetes 7 openid_connect_authentication 7 openshift_deployer 7 rundeck 7 subversion 7 amazon_ec2 6 azure_ad 6 azure_vm_agents 6 deployment_dashboard 6 electricflow 6 gerrit_trigger 6 github 6 github_pull_request_builder 6 gitlab 6 google_compute_engine 6 hashicorp_vault 6

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy