A cross-site request forgery (CSRF) vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs ...

A cross-site request forgery (CSRF) vulnerability in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials...

A cross-site request forgery (CSRF) vulnerability in Jenkins Worksoft Execution Manager Plugin 10.0.3.503 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified ...

A cross-site request forgery (CSRF) vulnerability in Jenkins Security Inspector Plugin 117.v6eecc36919c2 and earlier allows attackers to replace the generated report stored in a per-session cache and ...

Jenkins Rundeck Plugin 3.6.11 and earlier does not protect access to the /plugin/rundeck/webhook/ endpoint, allowing users with Overall/Read permission to trigger jobs that are configured to be trigge...

A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers with Overall/Read permissions to connect to an attacker-specified webserver ...

A cross-site request forgery (CSRF) vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect to an attacker-specified webserver using a...

An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205, login page through a manipulated URL. They can inject code that allows them to redirect submissions from ...

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this vulnerability. The s...

Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Vladimir Anokhin's Shortcodes Ultimate plugin <= 5.12.0 on WordPress.

Cross-Site Request Forgery (CSRF) in OptinlyHQ Optinly – Exit Intent, Newsletter Popups, Gamification & Opt-in Forms plugin <= 1.0.15 versions.

The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in GetDIAE_line_message_settingsListParameters. A low-privileged authenticated attacker cou...

Windows Scripting Languages Remote Code Execution Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

Azure CycleCloud Elevation of Privilege Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft ODBC Driver Remote Code Execution Vulnerability

Microsoft ODBC Driver Remote Code Execution Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an integer overflow during memory allocation, which can...

The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckIoTHubNameExisted. A low-privileged authenticated attacker could exploit this issue...