4.3

CVSS3.1

CVE-2025-31723 -

A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order.

๐Ÿ“… Published: April 2, 2025, 2:59 p.m. ๐Ÿ”„ Last Modified: April 17, 2025, 2:53 p.m.

8.8

CVSS3.1

CVE-2025-31722 -

In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM.

๐Ÿ“… Published: April 2, 2025, 2:59 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 6:29 p.m.

4.3

CVSS3.1

CVE-2025-31721 - jenkins: Missing permission check allows retrieving secrets from agent configurations

A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Configure permission to copy an agent, gaining access to encrypted secrets in its configuration.

๐Ÿ“… Published: April 2, 2025, 2:59 p.m. ๐Ÿ”„ Last Modified: April 29, 2025, 1:56 p.m.

4.3

CVSS3.1

CVE-2025-31720 - jenkins: Missing permission check allows retrieving agent configurations

A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration.

๐Ÿ“… Published: April 2, 2025, 2:59 p.m. ๐Ÿ”„ Last Modified: April 29, 2025, 2:03 p.m.

6.6

CVSS3.1

CVE-2024-25051 - IBM Jazz Reporting Service insufficient session expiration

IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system.

๐Ÿ“… Published: April 2, 2025, 2:57 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 6:29 p.m.

8.5

CVSS3.1

CVE-2024-45064 -

A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted set of network packets can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability.

๐Ÿ“… Published: April 2, 2025, 1:41 p.m. ๐Ÿ”„ Last Modified: Sept. 5, 2025, 5:11 p.m.

6.5

CVSS3.1

CVE-2024-50385 -

A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects Xโ€ฆ

๐Ÿ“… Published: April 2, 2025, 1:41 p.m. ๐Ÿ”„ Last Modified: Nov. 3, 2025, 8:16 p.m.

6.5

CVSS3.1

CVE-2024-50384 -

A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects Xโ€ฆ

๐Ÿ“… Published: April 2, 2025, 1:41 p.m. ๐Ÿ”„ Last Modified: Nov. 3, 2025, 8:16 p.m.

4.3

CVSS3.1

CVE-2024-50595 -

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.This โ€ฆ

๐Ÿ“… Published: April 2, 2025, 1:41 p.m. ๐Ÿ”„ Last Modified: Nov. 3, 2025, 8:16 p.m.

4.3

CVSS3.1

CVE-2024-50594 -

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.This โ€ฆ

๐Ÿ“… Published: April 2, 2025, 1:41 p.m. ๐Ÿ”„ Last Modified: Nov. 3, 2025, 8:16 p.m.
Total resulsts: 343971
Page 5529 of 34,398
ยซ previous page ยป next page
Filters