{"vulnerability": "CVE-2019-1003", "sightings": [{"uuid": "f2dc1896-3771-4f60-8619-0b7f482c1a7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/36bfc706-1c9e-42f4-86f1-081e72495e13", "content": "", "creation_timestamp": "2026-02-02T12:27:48.970393Z"}, {"uuid": "64caad2b-b70e-43c4-8469-a8b71d20271a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003030", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7e5ef2ef-e79e-4431-be33-4443bd8bbc7e", "content": "", "creation_timestamp": "2026-02-02T12:28:01.788416Z"}, {"uuid": "8dc65351-fff6-4b70-9fce-ee40ef64316f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10038", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/2792", "content": "\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Evernote \u0434\u043b\u044f \u041c\u0430\u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u043e\u0441\u044c \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438. \u0412 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435 \u0436\u0435\u0440\u0442\u0432\u044b:\nhttps://www.inputzero.io/2019/04/evernote-cve-2019-10038.html", "creation_timestamp": "2019-04-17T18:07:06.000000Z"}, {"uuid": "826a166d-a000-47a8-a336-cfacc5dc43d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003030", "type": "seen", "source": "Telegram/hNIhMNqEodPMH5o8iI4r8bf20jVazffIQoXfnAAwyaQsY78_", "content": "", "creation_timestamp": "2025-02-20T23:26:56.000000Z"}, {"uuid": "94e9b265-682b-483f-a14f-875b1874d505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "Telegram/7IgkG6nnjy1VbiJBgLbZbf_ZL1y9urS3pEDijGmcfdx0iJ4X", "content": "", "creation_timestamp": "2025-02-20T23:26:56.000000Z"}, {"uuid": "35cc036e-503d-4b7f-be19-4febaa1ba3eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003030", "type": "seen", "source": "https://t.me/arpsyndicate/1064", "content": "#ExploitObserverAlert\n\nCVE-2019-1003030\n\nDESCRIPTION: Exploit Observer has 11 entries related to CVE-2019-1003030. A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM.\n\nFIRST-EPSS: 0.006590000\nNVD-IS: 6.0\nNVD-ES: 3.1", "creation_timestamp": "2023-12-04T00:03:17.000000Z"}, {"uuid": "39a22588-5877-4fd7-9823-ab7a7586d04d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003001", "type": "seen", "source": "https://t.me/arpsyndicate/1772", "content": "#ExploitObserverAlert\n\nCVE-2019-1003001\n\nDESCRIPTION: Exploit Observer has 17 entries related to CVE-2019-1003001. A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.\n\nFIRST-EPSS: 0.796510000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-11T15:54:03.000000Z"}, {"uuid": "64396ca5-bcbc-42ee-8a19-1dfb57911d25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "https://t.me/arpsyndicate/1757", "content": "#ExploitObserverAlert\n\nCVE-2019-1003029\n\nDESCRIPTION: Exploit Observer has 20 entries related to CVE-2019-1003029. A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM.\n\nFIRST-EPSS: 0.011400000\nNVD-IS: 6.0\nNVD-ES: 3.1", "creation_timestamp": "2023-12-11T14:41:23.000000Z"}, {"uuid": "2bb321bd-1b09-4fa1-8400-58fdf13d152a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003005", "type": "published-proof-of-concept", "source": "https://t.me/netrunnerz/438", "content": "Jenkins RCE 2019\nCVE-2018-1000861\nCVE-2019-1003005\nCVE-2019-1003029\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435:\n$ curl -s -I http://jenkins/| grep X-Jenkins\nX-Jenkins: 2.137\nX-Jenkins-Session: 20f72c2e\nX-Jenkins-CLI-Port: 50000\nX-Jenkins-CLI2-Port: 50000\n\n$ python exp.py http://jenkins/ 'curl orange.tw'\n[*] ANONYMOUS_READ disable!\n[*] Bypass with CVE-2018-1000861!\n[*] Exploit success!(it should be :P)\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\nJenkins 2.53\nJenkins 2.122\nJenkins 2.137\nJenkins 2.138 with ANONYMOUS_READ enable\nJenkins 2.152 with ANONYMOUS_READ enable\nJenkins 2.153 with ANONYMOUS_READ enable\nScript Security Plugin 1.43\nScript Security Plugin 1.48", "creation_timestamp": "2023-04-06T10:40:22.000000Z"}, {"uuid": "05b42c3d-9a2b-4c55-8114-e2d487a9d149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "published-proof-of-concept", "source": "https://t.me/netrunnerz/438", "content": "Jenkins RCE 2019\nCVE-2018-1000861\nCVE-2019-1003005\nCVE-2019-1003029\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435:\n$ curl -s -I http://jenkins/| grep X-Jenkins\nX-Jenkins: 2.137\nX-Jenkins-Session: 20f72c2e\nX-Jenkins-CLI-Port: 50000\nX-Jenkins-CLI2-Port: 50000\n\n$ python exp.py http://jenkins/ 'curl orange.tw'\n[*] ANONYMOUS_READ disable!\n[*] Bypass with CVE-2018-1000861!\n[*] Exploit success!(it should be :P)\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\nJenkins 2.53\nJenkins 2.122\nJenkins 2.137\nJenkins 2.138 with ANONYMOUS_READ enable\nJenkins 2.152 with ANONYMOUS_READ enable\nJenkins 2.153 with ANONYMOUS_READ enable\nScript Security Plugin 1.43\nScript Security Plugin 1.48", "creation_timestamp": "2023-04-06T10:40:22.000000Z"}, {"uuid": "c0f3320a-e44e-45ed-b6db-73902c42dcf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003000", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/2325", "content": "Jenkins RCE PoC. From unauthenticated user to remote code execution - it's a hacker's dream! (Chaining CVE-2019-1003000, CVE-2018-1999002, and more)  https://github.com/petercunha/jenkins_unauthenticated_remote_code_execution", "creation_timestamp": "2019-02-20T11:38:16.000000Z"}, {"uuid": "47e86625-924a-4d70-9305-c53432d78a50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003033", "type": "seen", "source": "MISP/5ccf3134-ea64-43c1-a356-f9f3950d210f", "content": "", "creation_timestamp": "2019-05-05T19:20:03.000000Z"}, {"uuid": "e7d4091f-a1c8-4156-967c-c639a42828eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003030", "type": "seen", "source": "MISP/5ccf3134-ea64-43c1-a356-f9f3950d210f", "content": "", "creation_timestamp": "2019-05-05T19:20:03.000000Z"}, {"uuid": "048fc18a-0b2a-415a-9971-7702dab52f4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "MISP/5ccf3134-ea64-43c1-a356-f9f3950d210f", "content": "", "creation_timestamp": "2019-05-05T19:20:03.000000Z"}, {"uuid": "6520a7cd-25f6-44cb-a37b-033c8fb3e244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003000", "type": "seen", "source": "MISP/5dad8c03-98b4-405a-a52d-30090a3b4631", "content": "", "creation_timestamp": "2019-10-21T10:44:41.000000Z"}, {"uuid": "b3620225-8b09-46c1-8d63-be2153379a40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003000", "type": "exploited", "source": "https://www.exploit-db.com/exploits/46427", "content": "", "creation_timestamp": "2019-02-19T00:00:00.000000Z"}, {"uuid": "7e9f6de9-8d3d-4743-87d7-4740203db770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003001", "type": "exploited", "source": "https://www.exploit-db.com/exploits/46572", "content": "", "creation_timestamp": "2019-03-19T00:00:00.000000Z"}, {"uuid": "616722e5-3560-4da6-a933-1e462befbcea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003000", "type": "exploited", "source": "https://www.exploit-db.com/exploits/46572", "content": "", "creation_timestamp": "2019-03-19T00:00:00.000000Z"}, {"uuid": "7e18a9c8-5f6e-4fd1-bf40-f00c58427214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003002", "type": "exploited", "source": "https://www.exploit-db.com/exploits/46427", "content": "", "creation_timestamp": "2019-02-19T00:00:00.000000Z"}, {"uuid": "f67f211a-8535-42fe-99ed-6b32102133ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003002", "type": "exploited", "source": "https://www.exploit-db.com/exploits/46572", "content": "", "creation_timestamp": "2019-03-19T00:00:00.000000Z"}, {"uuid": "631988b2-e57b-4e03-b45e-4ea8143ee437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003030", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971432", "content": "", "creation_timestamp": "2024-12-24T20:29:14.762556Z"}, {"uuid": "6eaeffb2-9142-4421-b09c-a3f708b2dcd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-100300", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:10.000000Z"}, {"uuid": "979468c7-593f-4036-b342-49f2a2781631", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-100302", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:10.000000Z"}, {"uuid": "39b11bb5-917e-4bde-aaf1-f0dd757b1137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003030", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:22.000000Z"}, {"uuid": "4e654d53-9e03-4a6b-bdb2-fc437f2b5fcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003030", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvjlb6nise2a", "content": "", "creation_timestamp": "2025-08-03T21:02:21.743968Z"}, {"uuid": "49d320d7-ba00-434c-87e4-9f641eb43df3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:16.000000Z"}, {"uuid": "13dc13e5-1a51-44f6-8db9-f9c00ea4f097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2140", "content": "awesome jenkins rce 2019\nThere is no pre-auth RCE in Jenkins since May 2017, but this is the one!\nIt chains CVE-2018-1000861, CVE-2019-1003005 and CVE-2019-1003029 to a more reliable and elegant pre-auth remote code execution!\nhttps://github.com/orangetw/awesome-jenkins-rce-2019\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-07-31T07:01:12.000000Z"}, {"uuid": "206ec6ce-2e4d-44c0-b60a-a8eec0f6b840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003000", "type": "seen", "source": "MISP/d242633d-9d52-4527-ac05-95ce6550cfae", "content": "", "creation_timestamp": "2020-10-09T14:44:07.000000Z"}, {"uuid": "5a465374-a6f7-4efc-8ec3-5f0fc512df49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "ecad9504-35b3-46ee-bd87-7e316b48c75c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003030", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "fc9114cb-8244-43f8-8222-e024c9e9f514", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971532", "content": "", "creation_timestamp": "2024-12-24T20:30:45.352017Z"}, {"uuid": "f3b99397-7c84-46c9-b74a-40507147aa68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-100302", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "58728fca-a5b6-467e-9217-5ad6a8bd1dee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-100300", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "039a1904-2b7e-4bb8-be78-45ff36601128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003000", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jenkins_metaprogramming.rb", "content": "", "creation_timestamp": "2019-03-18T12:37:31.000000Z"}, {"uuid": "c4ba5f0f-a743-46a3-9e05-0c1099edd259", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003005", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jenkins_metaprogramming.rb", "content": "", "creation_timestamp": "2019-03-18T12:37:31.000000Z"}, {"uuid": "5a2da42d-8df2-4077-b31e-4bf2d2af9208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jenkins_metaprogramming.rb", "content": "", "creation_timestamp": "2019-03-18T12:37:31.000000Z"}, {"uuid": "6e3c00c8-f82c-4521-8234-673d6cca2739", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10038", "type": "published-proof-of-concept", "source": "https://t.me/antichat/4507", "content": "\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Evernote \u0434\u043b\u044f \u041c\u0430\u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u043e\u0441\u044c \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438. \u0412 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435 \u0436\u0435\u0440\u0442\u0432\u044b:\nhttps://www.inputzero.io/2019/04/evernote-cve-2019-10038.html", "creation_timestamp": "2019-04-17T22:45:48.000000Z"}, {"uuid": "c492becd-27f5-415b-a32e-ad367eeb6f97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003005", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2140", "content": "awesome jenkins rce 2019\nThere is no pre-auth RCE in Jenkins since May 2017, but this is the one!\nIt chains CVE-2018-1000861, CVE-2019-1003005 and CVE-2019-1003029 to a more reliable and elegant pre-auth remote code execution!\nhttps://github.com/orangetw/awesome-jenkins-rce-2019\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-07-31T07:01:12.000000Z"}, {"uuid": "f6422fc5-03e0-4387-b939-a33d408e0efd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003000", "type": "seen", "source": "https://t.me/arpsyndicate/1741", "content": "#ExploitObserverAlert\n\nCVE-2019-1003000\n\nDESCRIPTION: Exploit Observer has 36 entries related to CVE-2019-1003000. A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.\n\nFIRST-EPSS: 0.836470000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-11T13:15:11.000000Z"}, {"uuid": "502f3a01-56fe-466b-80e8-6f0439d8551f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003030", "type": "seen", "source": "https://t.me/arpsyndicate/1737", "content": "#ExploitObserverAlert\n\nCVE-2019-1003030\n\nDESCRIPTION: Exploit Observer has 12 entries related to CVE-2019-1003030. A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM.\n\nFIRST-EPSS: 0.006590000\nNVD-IS: 6.0\nNVD-ES: 3.1", "creation_timestamp": "2023-12-11T12:54:13.000000Z"}, {"uuid": "10cabd53-6527-46db-9aa9-53e7c7be0d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003002", "type": "seen", "source": "https://t.me/arpsyndicate/1732", "content": "#ExploitObserverAlert\n\nCVE-2019-1003002\n\nDESCRIPTION: Exploit Observer has 15 entries related to CVE-2019-1003002. A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.\n\nFIRST-EPSS: 0.796510000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-11T12:29:22.000000Z"}, {"uuid": "b9f96c54-befa-4bd2-abd8-3dbac4177598", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-10038", "type": "seen", "source": "https://t.me/information_security_channel/26797", "content": "A local file path traversal issue (CVE-2019-10038) was found in #Evernote 7.9 for macOS that could have allowed att\u2026 https://t.co/dsbo6cERDS", "creation_timestamp": "2019-04-23T10:53:19.000000Z"}, {"uuid": "97adeb3d-4c20-4995-bae6-66a26000f072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003030", "type": "seen", "source": "MISP/d1172703-3494-4390-8af8-e07d7db9aab8", "content": "", "creation_timestamp": "2024-11-14T06:07:06.000000Z"}, {"uuid": "39c8ada5-4124-4d78-ada6-977a871ee705", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003001", "type": "exploited", "source": "https://www.exploit-db.com/exploits/46427", "content": "", "creation_timestamp": "2019-02-19T00:00:00.000000Z"}, {"uuid": "760d0cc0-a36f-4797-8369-6f417ea75a26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:22.000000Z"}, {"uuid": "e3bf336c-e1fd-439c-83c9-33185fd055f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2019-1003000", "type": "seen", "source": "https://gist.github.com/Devball406/7c3257f2034c725588426e563837ad80", "content": "", "creation_timestamp": "2025-05-12T15:51:09.000000Z"}, {"uuid": "ebea27a0-a6df-489c-841b-4501da3ebbd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003001", "type": "seen", "source": "https://gist.github.com/Devball406/7c3257f2034c725588426e563837ad80", "content": "", "creation_timestamp": "2025-05-12T15:51:09.000000Z"}, {"uuid": "2823cea4-e8c7-4e8e-ab6c-b94514c28dcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003002", "type": "seen", "source": "https://gist.github.com/Devball406/7c3257f2034c725588426e563837ad80", "content": "", "creation_timestamp": "2025-05-12T15:51:09.000000Z"}, {"uuid": "a7c194bc-1f29-4197-9c51-c8ea6d308e3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003002", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jenkins_metaprogramming.rb", "content": "", "creation_timestamp": "2019-03-18T12:37:31.000000Z"}, {"uuid": "b3a90662-c5e0-40ed-b76f-c78287c364b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003001", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jenkins_metaprogramming.rb", "content": "", "creation_timestamp": "2019-03-18T12:37:31.000000Z"}, {"uuid": "8b2d932e-0c19-4a91-995e-9976ec87e459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/36bfc706-1c9e-42f4-86f1-081e72495e13", "content": "", "creation_timestamp": "2026-02-02T12:27:48.970393Z"}, {"uuid": "09a41ba8-c59b-4c2f-8523-8d90b7b241a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003030", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7e5ef2ef-e79e-4431-be33-4443bd8bbc7e", "content": "", "creation_timestamp": "2026-02-02T12:28:01.788416Z"}]}