CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

583 matches found

IBM Security Bulletins•added 2026/01/26 7:14 p.m.•8 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Request Smuggling Vulnerability in Netty (CVE-2025-67735)

Summary Netty is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCD as part of the agent-server and server-server inter-communication services. CVE-2025-67735 Vulnerability Details CVEID:CVE-2025-67735 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In version...

6.5CVSS5.8AI score0.00024EPSS

Exploits1Affected Software1

RedhatCVE•added 2026/01/09 9:24 a.m.•1 views

CVE-2023-40376

IBM UrbanCode Deploy UCD 7.1 - 7.1.2.12, 7.2 through 7.2.3.5, and 7.3 through 7.3.2.0 under certain configurations could allow an authenticated user to make changes to environment variables due to improper authentication controls. IBM X-Force ID: 263581...

6.5CVSS6.6AI score0.00031EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:18 a.m.•12 views

CVE-2025-1997

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentiall...

5.4CVSS6.5AI score0.00106EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:16 a.m.•12 views

CVE-2025-1998

IBM UrbanCode Deploy UCD through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 stores potentially sensitive authentication token information in log files that could be read by a local user...

5.5CVSS6.6AI score0.00082EPSS

Exploits0References1

RedhatCVE•added 2025/12/16 7:48 p.m.•0 views

CVE-2025-36360

IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...

5CVSS6.6AI score0.00031EPSS

Exploits0References1

OSV•added 2025/12/15 8:15 p.m.•1 views

CVE-2025-36360

5CVSS5.7AI score

Exploits0References1

NVD•added 2025/12/15 8:15 p.m.•1 views

CVE-2025-36360

5CVSS0.00031EPSS

Exploits0References1

NVD•added 2025/12/15 8:15 p.m.•2 views

CVE-2025-14148

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...

6.5CVSS0.00031EPSS

Exploits0References1

Cvelist•added 2025/12/15 7:38 p.m.•14 views

CVE-2025-36360 IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Insufficient Session Expiration vulnerability

5CVSS0.00031EPSS

Exploits0References1

IBM Security Bulletins•added 2025/12/12 8:44 p.m.•11 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by multiple Apache Tomcat vulnerabilities (CVE-2025-55752, CVE-2025-61795)

Summary Apache Tomcat is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCDas part of the user web interface and API. CVE-2025-55752, CVE-2025-61795 Vulnerability Details CVEID:CVE-2025-55752 DESCRIPTION: Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a...

7.5CVSS7.5AI score0.00274EPSS

Exploits4Affected Software1

IBM Security Bulletins•added 2025/10/14 2:36 p.m.•4 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to multiple vulnerabilities in Netty (CVE-2025-58056, CVE-2025-58057)

Summary Netty is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCD as part of the agent-server-relay communication system and is affected by CVE-2025-58056, CVE-2025-58057. Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network application framewo...

7.5CVSS6.3AI score0.00097EPSS

Exploits2Affected Software1