Severity High Analysis Summary Kimsuky is a North Korean nation-state actor that has been active since 2012. It primarily targets South Korean government agencies and conducts […]

Severity Medium Analysis Summary CVE-2022-45403 Mozilla could allow a remote attacker to obtain sensitive information, caused by a flaw in the Service Workers comonent. By persuading […]

Severity Medium Analysis Summary CVE-2022-45394 CVSS:4.3 Jenkins Delete log Plugin could allow a remote attacker to bypass security restrictions, caused by improper permission validation. By sending […]

Severity High Analysis Summary A Vietnam-based threat group, APT32 (OceanLotus Group) is active since 2014. It is well-known for carrying out sophisticated attacks on a variety of […]

Severity High Analysis Summary CVE-2022-45391 CVSS:7.1Jenkins NS-ND Integration Performance Publisher Plugin could allow a remote authenticated attacker to obtain sensitive information, caused by the disable of […]

Severity Medium Analysis Summary CVE-2022-45390 Jenkins loader.io Plugin could allow a remote authenticated attacker to obtain sensitive information, caused by not perform a permission check in […]

Severity Medium Analysis Summary CVE-2022-45389 Jenkins XP-Dev Plugin could allow a remote attacker to bypass security restrictions, caused by the lack of authentication mechanism for webhook. […]

Severity High Analysis Summary CVE-2022-45388 Jenkins Config Rotator Plugin could allow a remote attacker to traverse directories on the system, caused by improper validation of user […]

Severity High Analysis Summary CVE-2022-45387 Jenkins BART Plugin is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit […]