https://db.gcve.eu/sightings/feedMost recent sightings.2026-06-05T01:01:04.809182+00:00Vulnerability-Lookupinfo@gcve.eupython-feedgenContains only the most 10 recent sightings.https://db.gcve.eu/sighting/5f43579e-416c-46c4-a9d6-4c504190dc65/export5f43579e-416c-46c4-a9d6-4c504190dc652026-06-05T01:01:05.139709+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "5f43579e-416c-46c4-a9d6-4c504190dc65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36917", "type": "seen", "source": "https://t.me/cibsecurity/47079", "content": "\u203c CVE-2022-36917 \u203c\n\nA missing permission check in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers with Overall/Read permission to request a manual backup.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T18:46:52.000000Z"}2022-07-27T18:46:52+00:00https://db.gcve.eu/sighting/c773961f-a18a-4b20-9d37-7296f74dc8d4/exportc773961f-a18a-4b20-9d37-7296f74dc8d42026-06-05T01:01:05.139661+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "c773961f-a18a-4b20-9d37-7296f74dc8d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36919", "type": "seen", "source": "https://t.me/cibsecurity/47085", "content": "\u203c CVE-2022-36919 \u203c\n\nA missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T18:49:37.000000Z"}2022-07-27T18:49:37+00:00https://db.gcve.eu/sighting/b34f5fad-830f-45b5-bb00-834fc0d0eb24/exportb34f5fad-830f-45b5-bb00-834fc0d0eb242026-06-05T01:01:05.139612+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "b34f5fad-830f-45b5-bb00-834fc0d0eb24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36913", "type": "seen", "source": "https://t.me/cibsecurity/47091", "content": "\u203c CVE-2022-36913 \u203c\n\nJenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T18:49:45.000000Z"}2022-07-27T18:49:45+00:00https://db.gcve.eu/sighting/81df9710-0143-4bb3-8fa8-bb5676f52356/export81df9710-0143-4bb3-8fa8-bb5676f523562026-06-05T01:01:05.139560+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "81df9710-0143-4bb3-8fa8-bb5676f52356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36915", "type": "seen", "source": "https://t.me/cibsecurity/47093", "content": "\u203c CVE-2022-36915 \u203c\n\nJenkins Android Signing Plugin 2.2.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T18:49:47.000000Z"}2022-07-27T18:49:47+00:00https://db.gcve.eu/sighting/50850775-7cbe-40bf-b0cd-444ba8783109/export50850775-7cbe-40bf-b0cd-444ba87831092026-06-05T01:01:05.139500+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "50850775-7cbe-40bf-b0cd-444ba8783109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36910", "type": "seen", "source": "https://t.me/cibsecurity/47098", "content": "\u203c CVE-2022-36910 \u203c\n\nJenkins Lucene-Search Plugin 370.v62a5f618cd3a and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to reindex the database and to obtain information about jobs otherwise inaccessible to them.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T18:49:55.000000Z"}2022-07-27T18:49:55+00:00https://db.gcve.eu/sighting/05db4110-1714-4f02-86a2-ee394f5514ab/export05db4110-1714-4f02-86a2-ee394f5514ab2026-06-05T01:01:05.139412+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "05db4110-1714-4f02-86a2-ee394f5514ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36916", "type": "seen", "source": "https://t.me/cibsecurity/47100", "content": "\u203c CVE-2022-36916 \u203c\n\nA cross-site request forgery (CSRF) vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T18:50:00.000000Z"}2022-07-27T18:50:00+00:00https://db.gcve.eu/sighting/e510acf0-86e4-48d1-9769-8de4a13ed94b/exporte510acf0-86e4-48d1-9769-8de4a13ed94b2026-06-05T01:01:05.139248+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "e510acf0-86e4-48d1-9769-8de4a13ed94b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36918", "type": "seen", "source": "https://t.me/cibsecurity/47101", "content": "\u203c CVE-2022-36918 \u203c\n\nJenkins Buckminster Plugin 1.1.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T18:50:01.000000Z"}2022-07-27T18:50:01+00:00https://db.gcve.eu/sighting/223dead7-7bd7-448d-be79-909dbf0086b9/export223dead7-7bd7-448d-be79-909dbf0086b92026-06-05T01:01:05.139019+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "223dead7-7bd7-448d-be79-909dbf0086b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36911", "type": "seen", "source": "https://t.me/cibsecurity/47102", "content": "\u203c CVE-2022-36911 \u203c\n\nA cross-site request forgery (CSRF) vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T18:50:02.000000Z"}2022-07-27T18:50:02+00:00https://db.gcve.eu/sighting/42964ebc-b887-4a95-9d4e-55eebc6d3b0c/export42964ebc-b887-4a95-9d4e-55eebc6d3b0c2026-06-05T01:01:05.138737+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "42964ebc-b887-4a95-9d4e-55eebc6d3b0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36914", "type": "seen", "source": "https://t.me/cibsecurity/47076", "content": "\u203c CVE-2022-36914 \u203c\n\nJenkins Files Found Trigger Plugin 1.5 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-04T11:52:11.000000Z"}2022-08-04T11:52:11+00:00https://db.gcve.eu/sighting/b7589fd9-4e76-4fe1-9c5d-5b9ff4e5fe22/exportb7589fd9-4e76-4fe1-9c5d-5b9ff4e5fe222026-06-05T01:01:05.136207+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "b7589fd9-4e76-4fe1-9c5d-5b9ff4e5fe22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36912", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14899", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-36912\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.\n\ud83d\udccf Published: 2022-07-27T14:27:18.000Z\n\ud83d\udccf Modified: 2025-05-05T16:13:36.924Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2105%20%281%29\n2. http://www.openwall.com/lists/oss-security/2022/07/27/1", "creation_timestamp": "2025-05-05T16:19:47.000000Z"}2025-05-05T16:19:47+00:00