Filter
AND
-Infinity
0

Trending

Last week
Last month
Last year

JenkinsJenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed …

medium
5.5
EPSS
0.03%
First published (updated )
CVE-2025-31728

JenkinsJenkins AsakusaSatellite Plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in jo…

medium
5.5
EPSS
0.03%
First published (updated )
CVE-2025-31727

maven/org.jenkins-ci.main:jenkins-coreA missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers wi…

medium
4.3
EPSS
0.03%
First published (updated )
CVE-2025-31721

maven/org.jenkins-ci.main:jenkins-coreA missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers wi…

medium
4.3
EPSS
0.03%
First published (updated )
CVE-2025-31720

maven/org.jenkins-ci.main:jenkins-coreIn Jenkins 2.499 and earlier, LTS 2.492.1 and earlier, redirects starting with backslash (`\`) chara…

medium
4.3
EPSS
0.03%
First published (updated )
CVE-2025-27625

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

maven/org.jenkins-ci.main:jenkins-coreCSRF

medium
5.4
EPSS
0.02%
First published (updated )
CVE-2025-27624

maven/org.jenkins-ci.main:jenkins-coreJenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when …

medium
4.3
EPSS
0.01%
First published (updated )
CVE-2025-27623

maven/org.jenkins-ci.main:jenkins-coreJenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when …

medium
4.3
EPSS
0.01%
First published (updated )
CVE-2025-27622

maven/com.cloudtp.jenkins:paaslane-estimateMissing permission checks in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allow attackers with…

medium
4.3
First published (updated )
CVE-2023-50779

maven/com.cloudtp.jenkins:paaslane-estimateJenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask PaaSLane authentication tokens disp…

medium
4.3
First published (updated )
CVE-2023-50777

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

maven/com.cloudtp.jenkins:paaslane-estimateJenkins PaaSLane Estimate Plugin 1.0.4 and earlier stores PaaSLane authentication tokens unencrypted…

medium
4.3
First published (updated )
CVE-2023-50776

maven/org.jenkins-ci.plugins:jiraJenkins Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, al…

medium
6.5
First published (updated )
CVE-2023-49653

maven/org.jenkins-ci.plugins:google-compute-engineIncorrect permission checks in Jenkins Google Compute Engine Plugin 4.550.vb_327fca_3db_11 and earli…

medium
4.3
First published (updated )
CVE-2023-49652

maven/org.jenkins-ci.plugins:zanataJenkins Zanata Plugin 0.6 and earlier uses a non-constant time comparison function when checking whe…

medium
5.3
First published (updated )
CVE-2023-46660

maven/org.jenkins-ci.plugins:gogs-webhookJenkins Gogs Plugin 1.0.15 and earlier uses a non-constant time comparison function when checking wh…

medium
5.3
First published (updated )
CVE-2023-46657

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

maven/org.jenkins-ci.plugins:lambdatest-automationJenkins lambdatest-automation Plugin 1.20.10 and earlier logs LAMBDATEST Credentials access token at…

medium
6.5
First published (updated )
CVE-2023-46653

maven/org.jenkins-ci.plugins:lambdatest-automationA missing permission check in Jenkins lambdatest-automation Plugin 1.20.9 and earlier allows attacke…

medium
4.3
First published (updated )
CVE-2023-46652

maven/io.jenkins.plugins:warnings-ngInfoleak

medium
6.5
First published (updated )
CVE-2023-46651

maven/org.tap4j:tapXSS

medium
5.4
First published (updated )
CVE-2023-41940

maven/org.jenkins-ci.plugins:ivyCSRF

medium
6.5
First published (updated )
CVE-2023-41938

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

JenkinsArbitrary File Read in Fusion File Manager

medium
5.5
First published (updated )
CVE-2023-4480

maven/org.jenkins-ci.plugins:gogs-webhookInfoleak

medium
6.5
First published (updated )
CVE-2023-40348

maven/org.jenkins-ci.plugins:gogs-webhookJenkins Gogs Plugin 1.0.15 and earlier improperly initializes an option to secure its webhook endpoi…

medium
6.5
First published (updated )
CVE-2023-40349

maven/org.jenkins-ci.plugins:cloudbees-folderCSRF

medium
4.3
First published (updated )
CVE-2023-40337

maven/org.jenkins-ci.plugins:bazaarCSRF

medium
5.3
First published (updated )
CVE-2023-39156

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

maven/org.jenkins-ci.plugins:gradleAlways-incorrect control flow implementation in Jenkins Gradle Plugin 2.8 may result in credentials …

medium
6.5
First published (updated )
CVE-2023-39152

maven/io.jenkins.plugins:benchmark-evaluatorCSRF

medium
5.4
First published (updated )
CVE-2023-37963

maven/com.mabl.integration.jenkins:mabl-integrationCSRF

medium
6.5
First published (updated )
CVE-2023-37953

maven/com.mabl.integration.jenkins:mabl-integrationCSRF

medium
6.5
First published (updated )
CVE-2023-37952

maven/com.mabl.integration.jenkins:mabl-integrationJenkins mabl Plugin 0.0.46 and earlier does not set the appropriate context for credentials lookup, …

medium
6.5
First published (updated )
CVE-2023-37951

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203