Lucene search
K

1393 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.65 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573]

Summary IBM HTTP Server IHS is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2024-38472, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573...

9.8CVSS6.8AI score0.99957EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.13 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2024-45087, CVE-2023-50315)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

5.9CVSS5.6AI score0.00268EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.61 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2024-40898, CVE-2024-40725]

Summary IBM HTTP Server IHS is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2024-40898, CVE-2024-40725 Vulnerability Details Refer to the security bulletins listed in the...

9.1CVSS6.5AI score0.04134EPSS
Exploits5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/23 12:0 a.m.5 views

The vulnerability of the IBM DevOps Velocity lifecycle management platform (formerly known as IBM UrbanCode Velocity) relates to the disclosure of information through browser caching, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of the IBM DevOps Velocity formerly IBM UrbanCode Velocity lifecycle management platform relates to the disclosure of information through browser caching. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

4CVSS5.4AI score0.00206EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/01/23 12:0 a.m.6 views

The vulnerability of the IBM DevOps Velocity lifecycle management platform (formerly known as IBM UrbanCode Velocity) relates to the use of cryptographic algorithms that contain defects, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the IBM DevOps Velocity formerly IBM UrbanCode Velocity lifecycle management platform is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to...

5.9CVSS5.5AI score0.00311EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2025/01/20 6:15 p.m.3 views

CVE-2024-22349

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which can be read by another user on the system...

3.3CVSS5.8AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 2025/01/20 6:15 p.m.4 views

CVE-2024-22348

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses Cross-Origin Resource Sharing CORS which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains...

7.5CVSS5.8AI score0.00345EPSS
Exploits0References1
NVD
NVD
added 2025/01/20 6:15 p.m.18 views

CVE-2024-22349

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which can be read by another user on the system...

4CVSS0.00206EPSS
Exploits0References1
NVD
NVD
added 2025/01/20 6:15 p.m.45 views

CVE-2024-22347

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS0.00311EPSS
Exploits0References1
NVD
NVD
added 2025/01/20 6:15 p.m.25 views

CVE-2024-22348

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses Cross-Origin Resource Sharing CORS which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains...

7.5CVSS0.00345EPSS
Exploits0References1
OSV
OSV
added 2025/01/20 6:15 p.m.6 views

CVE-2024-22347

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS5.8AI score0.00311EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/20 5:42 p.m.29 views

CVE-2024-22349 IBM UrbanCode Velocity information disclosure

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which can be read by another user on the system...

4CVSS0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/20 12:0 a.m.3 views

IBM DevOps Velocity和IBM UrbanCode Velocity 加密问题漏洞

IBM DevOps Velocity and IBM UrbanCode Velocity are both products of International Business Machines IBM.IBM DevOps Velocity is an enterprise-class release management application that supports cloud-native and local deployments.IBM UrbanCode Velocity is an enterprise-class release management and...

7.5CVSS6.1AI score0.00311EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/20 12:0 a.m.5 views

IBM DevOps Velocity和IBM UrbanCode Velocity 安全漏洞

IBM DevOps Velocity and IBM UrbanCode Velocity are both products of International Business Machines IBM.IBM DevOps Velocity is an enterprise-class release management application that supports cloud-native and local deployments.IBM UrbanCode Velocity is an enterprise-class release management and...

7.5CVSS5.9AI score0.00345EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/20 12:0 a.m.5 views

IBM DevOps Velocity和IBM UrbanCode Velocity 安全漏洞

IBM DevOps Velocity and IBM UrbanCode Velocity are both products of International Business Machines IBM.IBM DevOps Velocity is an enterprise-class release management application that supports cloud-native and local deployments.IBM UrbanCode Velocity is an enterprise-class release management and...

4CVSS6AI score0.00206EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/15 11:46 a.m.22 views

Security Bulletin: An Eclipse Jetty Denial of Service vulnerability affects IBM Rational Functional Tester / DevOps Test UI

Summary There is a vulnerability in Eclipse Jetty used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE CVE-2024-9823. Vulnerability Details CVEID:CVE-2024-9823 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by a fla...

7.5CVSS6.5AI score0.00946EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/01/06 5:15 p.m.3 views

CVE-2024-51472

IBM UrbanCode Deploy UCD 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure...

3.1CVSS5.9AI score
Exploits0References1
NVD
NVD
added 2025/01/06 5:15 p.m.25 views

CVE-2024-51472

IBM UrbanCode Deploy UCD 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure...

3.1CVSS0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/06 4:38 p.m.22 views

CVE-2024-51472 IBM DevOps Deploy / IBM UrbanCode Deploy HTML injection

IBM UrbanCode Deploy UCD 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure...

3.1CVSS0.00244EPSS
Exploits0References1
CVE
CVE
added 2025/01/06 4:38 p.m.60 views

CVE-2024-51472

CVE-2024-51472 affects IBM UrbanCode Deploy (UCD) versions 7.2 (up to 7.2.3.13), 7.3 (up to 7.3.2.8), and IBM DevOps Deploy 8.0–8.0.1.3. The issue is HTML injection in the Web UI that may disclose sensitive information. Remediation is to upgrade to one of: 7.2.3.14, 7.3.2.9, 8.0.1.4, or 8.1.0.0 o...

3.1CVSS3.8AI score0.00244EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder