Lucene search
K

338 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-34319

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00847EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-28274

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00563EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-50281

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00431EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-34962

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.0045EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-24956

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00778EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-1734

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00361EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-35023

Malicious code in bioql PyPI...

9.1CVSS9AI score0.0053EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-1728

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00234EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:51 a.m.5 views

CVE-2024-7998

In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan...

2.6CVSS7AI score0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:56 a.m.6 views

CVE-2024-4456

In affected versions of Octopus Server with certain access levels it was possible to embed a Cross-Site Scripting payload on the audit page...

5.4CVSS6.3AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:37 a.m.10 views

CVE-2024-4226

It was identified that in certain versions of Octopus Server, that a user created with no permissions could view all users, user roles and permissions. This functionality was removed in versions of Octopus Server after the fixed versions listed...

3.5CVSS6.9AI score0.00303EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:33 a.m.13 views

CVE-2024-4811

In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts...

2.2CVSS7AI score0.00243EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:33 a.m.14 views

CVE-2024-6972

In affected versions of Octopus Server under certain circumstances it is possible for sensitive variables to be printed in the task log in clear-text...

6.5CVSS6.8AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:33 a.m.4 views

CVE-2023-1904

In affected versions of Octopus Server it is possible for the OpenID client secret to be logged in clear text during the configuration of Octopus Server...

7.5CVSS6.7AI score0.00385EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:1 a.m.11 views

CVE-2022-2508

In affected versions of Octopus Server it is possible to reveal the existence of resources in a space that the user does not have access to due to verbose error messaging...

5.3CVSS6.8AI score0.00513EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:36 a.m.16 views

CVE-2022-4898

In affected versions of Octopus Server the help sidebar can be customized to include a Cross-Site Scripting payload in the support link. This was initially resolved in advisory 2022-07 however it was identified that the fix could be bypassed in certain circumstances. A different approach was take...

5.4CVSS6.3AI score0.00389EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:7 a.m.20 views

CVE-2022-2572

In affected versions of Octopus Server where access is managed by an external authentication provider, it was possible that the API key/keys of a disabled/deleted user were still valid after the access was revoked...

9.8CVSS7.2AI score0.00833EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:53 p.m.9 views

CVE-2022-23184

In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to localhost, Octopus Server will allow open redirects...

6.1CVSS6.9AI score0.00563EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:33 p.m.4 views

CVE-2022-2013

In Octopus Server after version 2022.1.1495 and before 2022.1.2647 if private spaces were enabled via the experimental feature flag all new users would have access to the Script Console within their private space...

7.5CVSS7.1AI score0.00847EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:31 p.m.3 views

CVE-2022-1670

When generating a user invitation code in Octopus Server, the validity of this code can be set for a specific number of users. It was possible to bypass this restriction of validity to create extra user accounts above the initial number of invited users...

7.5CVSS7AI score0.00778EPSS
Exploits0References1
Rows per page
Query Builder