Lucene search
K

1378 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.5 views

CVE-2025-62327

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

4.9CVSS6.7AI score0.00222EPSS
Exploits0References1
OSV
OSV
added 2026/01/07 4:15 p.m.2 views

CVE-2025-62327

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

4.9CVSS5.8AI score0.00222EPSS
Exploits0References1
NVD
NVD
added 2026/01/07 4:15 p.m.9 views

CVE-2025-62327

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

4.9CVSS0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/07 3:17 p.m.5 views

CVE-2025-62327 HCL DevOps Deploy is susceptible to insufficiently protected credentials

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

4.9CVSS6.3AI score0.00222EPSS
Exploits0References1
CVE
CVE
added 2026/01/07 3:17 p.m.11 views

CVE-2025-62327

The CVE-2025-62327 affects HCL DevOps Deploy versions 8.1.2.0 through 8.1.2.3. A user with LLM configuration privileges may recover credentials saved for performing authenticated LLM Queries, indicating improper access control around LLM credentials. Root cause described across sources is insuffi...

4.9CVSS6.3AI score0.00222EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/01/07 3:17 p.m.28 views

CVE-2025-62327 HCL DevOps Deploy is susceptible to insufficiently protected credentials

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

4.9CVSS0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.10 views

CVE-2019-16574

A missing permission check in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS6.4AI score0.00852EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.9 views

CVE-2019-16573

A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS6.5AI score0.00691EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.4 views

PT-2026-1838

Name of the Vulnerable Software and Affected Versions HCL DevOps Deploy versions 8.1.2.0 through 8.1.2.3 Description A user possessing LLM configuration privileges may be able to recover credentials previously saved for authenticated LLM Queries. Recommendations Update HCL DevOps Deploy to a...

4.9CVSS6.5AI score0.00222EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/02 6:17 p.m.13 views

Security Bulletin: Rational Performance Tester contains a vulnerability which could lead to potential remote code execution

Summary Due to the use of the Apache Xalan Java XLST library, Rational Performance Tester contains a vulnerability that could lead to potential remote code execution. Vulnerability Details CVEID:CVE-2022-34169 DESCRIPTION: The Apache Xalan Java XSLT library could allow a remote attacker to execut...

7.5CVSS8.1AI score0.17673EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/02 6:10 p.m.5 views

Security Bulletin: Rational Performance Tester contains a vulnerability which could affect its use of the JavaScript HTTP client Axios

Summary Due to the use of the JavaScript HTTP client Axios, Rational Performance Tester contains a vulnerability which can result in a potential dential of service attack. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Whe...

7.5CVSS6.7AI score0.01099EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/02 5:43 p.m.7 views

Security Bulletin: Rational Performance Tester contains a vulnerability related to use of the Netty framework

Summary Due to the use of Netty, Rational Performance Tester contains a vulnerability which could result in an Out of Memory OOM condition. CVE-2025-58057 Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid...

7.5CVSS6.5AI score0.00561EPSS
Exploits1Affected Software1
HackRead
HackRead
added 2025/12/20 7:3 p.m.6 views

DevOps and Cybersecurity: Building a New Line of Defense Against Digital Threats

Learn how DevOps and DevSecOps strengthen cybersecurity through automation, CI/CD, and secure DevOps development services...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.12 views

HCL Launch和HCL DevOps Deploy 安全漏洞

HCL Launch and HCL DevOps Deploy are both products of HCL India.HCL Launch is a multi-functional, enterprise-grade continuous delivery automation software. Used to handle the most complex deployment processes in DevOps.HCL DevOps Deploy is an application. Can be mapped to your organizational...

4.8CVSS6.8AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/16 8:44 p.m.6 views

CVE-2025-13489

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...

5.9CVSS6.3AI score0.00161EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/16 7:48 p.m.5 views

CVE-2025-36360

IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...

5CVSS6.6AI score0.00159EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/16 7:48 p.m.4 views

CVE-2025-14148

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...

6.5CVSS6.5AI score0.00253EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/16 6:31 p.m.6 views

EUVD-2025-203771

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions...

5CVSS6.1AI score0.0016EPSS
Exploits0References2
NVD
NVD
added 2025/12/16 4:15 p.m.8 views

CVE-2025-62329

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions...

5.6CVSS0.0016EPSS
Exploits0References1
OSV
OSV
added 2025/12/16 4:15 p.m.5 views

CVE-2025-62329

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions...

5.6CVSS5.7AI score0.0016EPSS
Exploits0References1
Rows per page
Query Builder