Lucene search
K

1378 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/20 9:11 a.m.11 views

Security Bulletin: A security vulnerability have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase [CVE-2025-13333]

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

4.9CVSS5.7AI score0.0031EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.5 views

Security Updates for Azure DevOps 2022 XSS (February 2026)

The Microsoft Team Foundation Server is missing a security update. It is, therefore, affected by the following vulnerability: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2026-21512 Note that Nessus has not...

6.5CVSS5.5AI score0.00961EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/11 7:45 p.m.4 views

CVE-2026-21512

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

6.5CVSS5.5AI score0.00961EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/10 8:43 p.m.12 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase [CVE-2025-53066 ,CVE-2025-53057]

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.5CVSS5.5AI score0.00633EPSS
Exploits0Affected Software2
NVD
NVD
added 2026/02/10 6:16 p.m.4 views

CVE-2026-21512

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

6.5CVSS0.00961EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 6:16 p.m.6 views

CVE-2026-21512

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

6.5CVSS5.8AI score0.00961EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 5:51 p.m.29 views

CVE-2026-21512 Azure DevOps Server Cross-Site Scripting Vulnerability

...

6.5CVSS0.00961EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 5:51 p.m.4 views

CVE-2026-21512 Azure DevOps Server Cross-Site Scripting Vulnerability

...

6.5CVSS5.4AI score0.00961EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 5:51 p.m.21 views

CVE-2026-21512

CVE-2026-21512 describes a server-side request forgery vulnerability in Azure DevOps Server . The connected documents consistently state an SSRF issue that enables an authorized attacker to perform spoofing over a network , effectively allowing impersonation of another user within affected compon...

6.5CVSS5.5AI score0.00961EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/10 5:51 p.m.7 views

CVE-2026-21512

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

6.5CVSS5.5AI score0.00961EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.7 views

Azure DevOps Server Cross-Site Scripting Vulnerability

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

6.5CVSS5.5AI score0.00961EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.5 views

PT-2026-7398

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

6.5CVSS5.5AI score0.00961EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.4 views

Microsoft Azure DevOps Server 代码问题漏洞

Microsoft Azure DevOps Server is a software development collaboration tool provided by the American company Microsoft. This product includes features such as shared code, work tracking, and software release management. There are code-related vulnerabilities in Microsoft Azure DevOps Server...

6.5CVSS5.8AI score0.00961EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/05 10:54 a.m.11 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2026-21925, CVE-2026-21945)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.5CVSS6.1AI score0.00547EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/05 10:52 a.m.11 views

Security Bulletin: A security vulnerability have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2025-30754)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

4.8CVSS6.7AI score0.00381EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/04 9:44 a.m.15 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2025-66200, CVE-2025-59375, CVE-2025-65082, CVE-2025-59775, CVE-2025-58098]

Summary IBM HTTP Server IHS is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2025-66200, CVE-2025-59375, CVE-2025-65082, CVE-2025-59775, CVE-2025-58098 Vulnerability Details Refer to the...

8.3CVSS5.3AI score0.015EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/04 9:43 a.m.11 views

Security Bulletin: A security vulnerability have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2025-12635)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

5.4CVSS5.5AI score0.00139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/26 7:14 p.m.9 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Request Smuggling Vulnerability in Netty (CVE-2025-67735)

Summary Netty is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCD as part of the agent-server and server-server inter-communication services. CVE-2025-67735 Vulnerability Details CVEID:CVE-2025-67735 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In version...

6.5CVSS5.8AI score0.00292EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.3 views

PT-2026-3742

Summary The getSecretKey template function, while introduced for senhasegura Devops Secrets Management DSM provider, has the ability to fetch secrets cross-namespaces with the roleBinding of the external-secrets controller, bypassing our security mechanisms. This function was completely removed, ...

9.3CVSS5.5AI score
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/09 12:41 p.m.7 views

CVE-2023-25722

A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...

5.5CVSS6.7AI score0.00206EPSS
Exploits0References1
Rows per page
Query Builder