1378 matches found
Security Bulletin: A security vulnerability have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase [CVE-2025-13333]
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Updates for Azure DevOps 2022 XSS (February 2026)
The Microsoft Team Foundation Server is missing a security update. It is, therefore, affected by the following vulnerability: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2026-21512 Note that Nessus has not...
CVE-2026-21512
Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase [CVE-2025-53066 ,CVE-2025-53057]
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
CVE-2026-21512
Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...
CVE-2026-21512
Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...
CVE-2026-21512 Azure DevOps Server Cross-Site Scripting Vulnerability
...
CVE-2026-21512 Azure DevOps Server Cross-Site Scripting Vulnerability
...
CVE-2026-21512
CVE-2026-21512 describes a server-side request forgery vulnerability in Azure DevOps Server . The connected documents consistently state an SSRF issue that enables an authorized attacker to perform spoofing over a network , effectively allowing impersonation of another user within affected compon...
CVE-2026-21512
Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...
Azure DevOps Server Cross-Site Scripting Vulnerability
Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...
PT-2026-7398
Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...
Microsoft Azure DevOps Server 代码问题漏洞
Microsoft Azure DevOps Server is a software development collaboration tool provided by the American company Microsoft. This product includes features such as shared code, work tracking, and software release management. There are code-related vulnerabilities in Microsoft Azure DevOps Server...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2026-21925, CVE-2026-21945)
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: A security vulnerability have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2025-30754)
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2025-66200, CVE-2025-59375, CVE-2025-65082, CVE-2025-59775, CVE-2025-58098]
Summary IBM HTTP Server IHS is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2025-66200, CVE-2025-59375, CVE-2025-65082, CVE-2025-59775, CVE-2025-58098 Vulnerability Details Refer to the...
Security Bulletin: A security vulnerability have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2025-12635)
Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Request Smuggling Vulnerability in Netty (CVE-2025-67735)
Summary Netty is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCD as part of the agent-server and server-server inter-communication services. CVE-2025-67735 Vulnerability Details CVEID:CVE-2025-67735 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In version...
PT-2026-3742
Summary The getSecretKey template function, while introduced for senhasegura Devops Secrets Management DSM provider, has the ability to fetch secrets cross-namespaces with the roleBinding of the external-secrets controller, bypassing our security mechanisms. This function was completely removed, ...
CVE-2023-25722
A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...