Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-26735 |
|
SSRF (Server-Side Request Forgery) in prometheus (CVE-2023-26735)
SSRF in prometheus (CVE-2023-26735). Confidential information can be exposed externally.
|
| CVE-2021-39226 KEV |
|
[KEV] Authentication Bypass in Grafana labs grafana-labs (CVE-2021-39226)
authentication bypass in Grafana labs grafana-labs (CVE-2021-39226). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1003029 KEV |
|
[KEV] Vulnerability in Jenkins script-security-plugin (CVE-2019-1003029)
vulnerability in Jenkins script-security-plugin (CVE-2019-1003029). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1003030 KEV |
|
[KEV] Vulnerability in Jenkins matrix-project-plugin (CVE-2019-1003030)
vulnerability in Jenkins matrix-project-plugin (CVE-2019-1003030). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-1000861 KEV |
|
[KEV] Unsafe Deserialization in jenkins (CVE-2018-1000861)
vulnerability in jenkins (CVE-2018-1000861). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-8562 |
|
Vulnerability in k8s.io/kubernetes (CVE-2020-8562)
vulnerability in k8s.io/kubernetes (CVE-2020-8562). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-15752 KEV |
|
[KEV] Vulnerability in Docker desktop-community-edition (CVE-2019-15752)
vulnerability in Docker desktop-community-edition (CVE-2019-15752). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-8561 |
|
Vulnerability in k8s.io/kubernetes (CVE-2020-8561)
vulnerability in k8s.io/kubernetes (CVE-2020-8561). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-25740 |
|
Vulnerability in k8s.io/kubernetes (CVE-2021-25740)
vulnerability in k8s.io/kubernetes (CVE-2021-25740). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-8554 |
|
Vulnerability in k8s.io/kubernetes (CVE-2020-8554)
vulnerability in k8s.io/kubernetes (CVE-2020-8554). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-4100 |
|
Vulnerability in puppet (CVE-2015-4100)
vulnerability in puppet (CVE-2015-4100). Confidential information can be exposed externally.
|
| CVE-2015-7224 |
|
Authentication Bypass in puppet (CVE-2015-7224)
authentication bypass in puppet (CVE-2015-7224). Successful exploitation can lead to full system takeover.
|
| CVE-2014-3250 |
|
Vulnerability in apache (CVE-2014-3250)
vulnerability in apache (CVE-2014-3250). Confidential information can be exposed externally.
|
| CVE-2015-6502 |
|
Cross-Site Scripting (XSS) in puppet (CVE-2015-6502)
cross-site scripting in puppet (CVE-2015-6502). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8470 |
|
Information Disclosure in puppet (CVE-2015-8470)
vulnerability in puppet (CVE-2015-8470). Confidential information can be exposed externally.
|
| CVE-2016-5713 |
|
Code Injection in puppet (CVE-2016-5713)
code injection in puppet (CVE-2016-5713). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17383 |
|
Cross-Site Scripting (XSS) in jenkins (CVE-2017-17383)
cross-site scripting in jenkins (CVE-2017-17383). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7550 |
|
Vulnerability in ansible (CVE-2017-7550)
vulnerability in ansible (CVE-2017-7550). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.3.3.0, 2.4.1.0` or later.
|
| CVE-2017-14992 |
|
Vulnerability in dos (CVE-2017-14992)
vulnerability in dos (CVE-2017-14992). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000242 |
|
Information Disclosure in jenkins (CVE-2017-1000242)
vulnerability in jenkins (CVE-2017-1000242). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000243 |
|
Vulnerability in jenkins (CVE-2017-1000243)
vulnerability in jenkins (CVE-2017-1000243). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000244 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-1000244)
vulnerability in csrf (CVE-2017-1000244). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000245 |
|
Vulnerability in jenkins (CVE-2017-1000245)
vulnerability in jenkins (CVE-2017-1000245). Successful exploitation can lead to full system takeover.
|
| CVE-2016-5714 |
|
Vulnerability in puppet (CVE-2016-5714)
vulnerability in puppet (CVE-2016-5714). Successful exploitation can lead to full system takeover.
|
| CVE-2014-0047 |
|
Vulnerability in docker (CVE-2014-0047)
vulnerability in docker (CVE-2014-0047). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000102 |
|
Cross-Site Scripting (XSS) in jenkins (CVE-2017-1000102)
cross-site scripting in jenkins (CVE-2017-1000102). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000103 |
|
Cross-Site Scripting (XSS) in jenkins (CVE-2017-1000103)
cross-site scripting in jenkins (CVE-2017-1000103). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000104 |
|
Privilege Escalation in jenkins (CVE-2017-1000104)
vulnerability in jenkins (CVE-2017-1000104). Confidential information can be exposed externally.
|
| CVE-2017-1000105 |
|
Vulnerability in jenkins (CVE-2017-1000105)
vulnerability in jenkins (CVE-2017-1000105). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000106 |
|
Authentication Bypass in jenkins (CVE-2017-1000106)
authentication bypass in jenkins (CVE-2017-1000106). Data can be tampered with by attackers.
|
| CVE-2017-1000107 |
|
Vulnerability in jenkins (CVE-2017-1000107)
vulnerability in jenkins (CVE-2017-1000107). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000108 |
|
Information Disclosure in jenkins (CVE-2017-1000108)
vulnerability in jenkins (CVE-2017-1000108). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000109 |
|
Cross-Site Scripting (XSS) in jenkins (CVE-2017-1000109)
cross-site scripting in jenkins (CVE-2017-1000109). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000110 |
|
Authentication Bypass in jenkins (CVE-2017-1000110)
authentication bypass in jenkins (CVE-2017-1000110). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000113 |
|
Information Disclosure in jenkins (CVE-2017-1000113)
vulnerability in jenkins (CVE-2017-1000113). Confidential information can be exposed externally.
|
| CVE-2017-1000114 |
|
Information Disclosure in c (CVE-2017-1000114)
vulnerability in c (CVE-2017-1000114). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000084 |
|
Vulnerability in jenkins (CVE-2017-1000084)
vulnerability in jenkins (CVE-2017-1000084). Data can be tampered with by attackers.
|
| CVE-2017-1000085 |
|
Cross-Site Request Forgery (CSRF) in jenkins (CVE-2017-1000085)
vulnerability in jenkins (CVE-2017-1000085). Confidential information can be exposed externally.
|
| CVE-2017-1000086 |
|
Vulnerability in jenkins (CVE-2017-1000086)
vulnerability in jenkins (CVE-2017-1000086). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000087 |
|
Information Disclosure in jenkins (CVE-2017-1000087)
vulnerability in jenkins (CVE-2017-1000087). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000088 |
|
Cross-Site Scripting (XSS) in jenkins (CVE-2017-1000088)
cross-site scripting in jenkins (CVE-2017-1000088). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000089 |
|
Vulnerability in jenkins (CVE-2017-1000089)
vulnerability in jenkins (CVE-2017-1000089). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000090 |
|
Cross-Site Request Forgery (CSRF) in jenkins (CVE-2017-1000090)
vulnerability in jenkins (CVE-2017-1000090). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000091 |
|
Cross-Site Request Forgery (CSRF) in jenkins (CVE-2017-1000091)
vulnerability in jenkins (CVE-2017-1000091). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000092 |
|
Cross-Site Request Forgery (CSRF) in jenkins (CVE-2017-1000092)
vulnerability in jenkins (CVE-2017-1000092). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000093 |
|
Cross-Site Request Forgery (CSRF) in jenkins (CVE-2017-1000093)
vulnerability in jenkins (CVE-2017-1000093). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000094 |
|
Information Disclosure in jenkins (CVE-2017-1000094)
vulnerability in jenkins (CVE-2017-1000094). Confidential information can be exposed externally.
|
| CVE-2017-1000095 |
|
Vulnerability in jenkins (CVE-2017-1000095)
vulnerability in jenkins (CVE-2017-1000095). Confidential information can be exposed externally.
|
| CVE-2017-1000096 |
|
Vulnerability in c (CVE-2017-1000096)
vulnerability in c (CVE-2017-1000096). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8559 |
|
Information Disclosure in chef (CVE-2015-8559)
vulnerability in chef (CVE-2015-8559). Confidential information can be exposed externally.
|