Filter
AND
-Infinity
0

Trending

Last week
Last month
Last year

maven/org.jenkins-ci.main:jenkins-coreIn Jenkins 2.499 and earlier, LTS 2.492.1 and earlier, redirects starting with backslash (`\`) chara…

medium
4.3
EPSS
0.06%
First published (updated )
CVE-2025-27625

maven/org.jenkins-ci.main:jenkins-coreCSRF

medium
5.4
EPSS
0.04%
First published (updated )
CVE-2025-27624

maven/org.jenkins-ci.main:jenkins-coreJenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when …

medium
4.3
EPSS
0.04%
First published (updated )
CVE-2025-27623

maven/org.jenkins-ci.main:jenkins-coreJenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when …

medium
4.3
EPSS
0.04%
First published (updated )
CVE-2025-27622

maven/org.jenkins-ci.plugins:jiraJenkins Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, al…

medium
6.5
First published (updated )
CVE-2023-49653

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

maven/org.jenkins-ci.plugins:gogs-webhookJenkins Gogs Plugin 1.0.15 and earlier uses a non-constant time comparison function when checking wh…

medium
5.3
First published (updated )
CVE-2023-46657

maven/org.jenkins-ci.plugins:lambdatest-automationJenkins lambdatest-automation Plugin 1.20.10 and earlier logs LAMBDATEST Credentials access token at…

medium
6.5
First published (updated )
CVE-2023-46653

maven/org.jenkins-ci.plugins:lambdatest-automationA missing permission check in Jenkins lambdatest-automation Plugin 1.20.9 and earlier allows attacke…

medium
4.3
First published (updated )
CVE-2023-46652

JenkinsArbitrary File Read in Fusion File Manager

medium
5.5
First published (updated )
CVE-2023-4480

maven/org.jenkins-ci.plugins:gogs-webhookInfoleak

medium
6.5
First published (updated )
CVE-2023-40348

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

maven/org.jenkins-ci.plugins:gogs-webhookJenkins Gogs Plugin 1.0.15 and earlier improperly initializes an option to secure its webhook endpoi…

medium
6.5
First published (updated )
CVE-2023-40349

maven/org.jenkins-ci.plugins:bazaarCSRF

medium
5.3
First published (updated )
CVE-2023-39156

maven/org.jenkins-ci.plugins:sidebar-linkPath Traversal

medium
4.3
First published (updated )
CVE-2023-32985

redhat/jenkinsXSS

medium
5.4
First published (updated )
CVE-2023-25761

JenkinsJenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private keys unencry…

medium
5.5
First published (updated )
CVE-2023-24439

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

JenkinsA missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier a…

medium
6.5
First published (updated )
CVE-2023-24438

JenkinsJenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in pl…

medium
5.5
First published (updated )
CVE-2023-24440

maven/org.jenkins-ci.plugins:sonar-gerritCSRF

medium
6.5
First published (updated )
CVE-2022-46688

maven/org.jenkins-ci.plugins:delete-log-pluginCSRF

medium
5.7
First published (updated )
CVE-2022-45393

maven/org.jenkins-ci.plugins:delete-log-pluginA missing permission check in Jenkins Delete log Plugin 1.0 and earlier allows attackers with Item/R…

medium
4.3
First published (updated )
CVE-2022-45394

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

JenkinsXSS

medium
5.4
First published (updated )
CVE-2022-45401

maven/org.jenkins-ci.plugins:nunitJenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files in…

medium
5.3
First published (updated )
CVE-2022-43414

JenkinsXSS

medium
5.4
First published (updated )
CVE-2022-41240

JenkinsXSS

medium
5.4
First published (updated )
CVE-2022-41239

JenkinsJenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks in multip…

medium
4.3
First published (updated )
CVE-2022-41233

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

redhat/jenkinsJenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking …

medium
5.3
First published (updated )
CVE-2022-36885

JenkinsXSS

medium
5.4
First published (updated )
CVE-2022-34193

JenkinsXSS

medium
5.4
First published (updated )
CVE-2022-34192

redhat/jenkinsXSS

medium
5.4
First published (updated )
CVE-2022-34176

JenkinsA missing permission check in Jenkins SSH Plugin 2.6.1 and earlier allows attackers with Overall/Rea…

medium
6.5
First published (updated )
CVE-2022-30959

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203