479 matches found
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
EUVD-2026-8636
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
CVE-2026-0704 (Octopus Deploy) is described across multiple sources as a vulnerability where a lack of input validation on an API endpoint could allow removing files or their contents on the host, potentially bypassing workflows. The affected product is consistently identified as Octopus Deploy; ...
Octopus Deploy 安全漏洞
Octopus Deploy is an automated tool developed by the Australian company Octopus, used for the development and deployment of applications in .NET, Java, and other programming languages. There is a security vulnerability in Octopus Deploy, which stems from the lack of validation in the API endpoint...
PT-2026-21900
Name of the Vulnerable Software and Affected Versions Octopus Deploy affected versions not specified Description A lack of validation in a field within Octopus Deploy allowed for the removal of files and/or their contents on the host system via an API endpoint. This could potentially bypass...
CVE-2018-12884
In Octopus Deploy 3.0 onwards before 2018.6.7, an authenticated user with incorrect permissions may be able to create Accounts under the Infrastructure menu...
CVE-2019-11632
In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user with the VariableViewUnscoped or VariableEditUnscoped permission scoped to a specific project could view or edit unscoped variables from a different project. These permissions are only used in custom...
CVE-2020-10678
In Octopus Deploy before 2020.1.5, for customers running on-premises Active Directory linked to their Octopus server, an authenticated user can leverage a bug to escalate privileges...
EUVD-2020-17285
Malware in sbrugna...
EUVD-2018-4837
Malware in sbrugna...
EUVD-2020-18786
Malware in sbrugna...
EUVD-2019-18331
Malware in sbrugna...
EUVD-2020-3118
Malware in sbrugna...
EUVD-2018-3358
Malware in sbrugna...
EUVD-2018-17475
Malware in sbrugna...