478 matches found
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
EUVD-2026-8636
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2026-0704
CVE-2026-0704 affects Octopus Deploy. An API endpoint allows removal of files or file contents on the host due to missing input validation in a field, potentially bypassing workflows. CVSS 4.0 base score 5.9 (NETWORK, HIGH complexity, HIGH impact on availability and integrity; confidentiality imp...
Octopus Deploy 安全漏洞
Octopus Deploy is an automated tool developed by the Australian company Octopus, used for the development and deployment of applications in .NET, Java, and other programming languages. There is a security vulnerability in Octopus Deploy, which stems from the lack of validation in the API endpoint...
PT-2026-21900
Name of the Vulnerable Software and Affected Versions Octopus Deploy affected versions not specified Description A lack of validation in a field within Octopus Deploy allowed for the removal of files and/or their contents on the host system via an API endpoint. This could potentially bypass...
CVE-2018-12884
In Octopus Deploy 3.0 onwards before 2018.6.7, an authenticated user with incorrect permissions may be able to create Accounts under the Infrastructure menu...
CVE-2019-11632
In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user with the VariableViewUnscoped or VariableEditUnscoped permission scoped to a specific project could view or edit unscoped variables from a different project. These permissions are only used in custom...
CVE-2020-10678
In Octopus Deploy before 2020.1.5, for customers running on-premises Active Directory linked to their Octopus server, an authenticated user can leverage a bug to escalate privileges...
EUVD-2018-2622
Malware in sbrugna...
EUVD-2018-20643
Malware in sbrugna...
EUVD-2020-3118
Malware in sbrugna...
EUVD-2017-8823
Malware in sbrugna...
EUVD-2018-2653
Malware in sbrugna...
EUVD-2020-8163
Malware in sbrugna...
EUVD-2019-6495
Malware in sbrugna...