CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2310 matches found

Vulnrichment•added 2023/03/13 12:0 a.m.•6 views

CVE-2022-2258

In affected versions of Octopus Deploy it is possible for a user to view Tagsets without being explicitly assigned permissions to view these items...

4.6AI score0.00496EPSS

Exploits0References1

CVE•added 2023/03/13 12:0 a.m.•53 views

CVE-2022-2259

CVE-2022-2259 affects Octopus Deploy: authenticated users can view Workerpools without explicit permissions. This entry provides a general description of the issue; no concrete technical details (affected versions, root cause, exploit paths, or fixes) are present in the supplied documents. The ri...

4.3CVSS4.6AI score0.00434EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/03/13 12:0 a.m.•5 views

Octopus Deploy 安全漏洞

Octopus Deploy is an automation tool for .NET, Java, and other application development deployment from Octopus Deploy Australia. A security vulnerability exists in Octopus Deploy Octopus Server that stems from the possibility of a user viewing a tag set without explicitly assigned permissions...

4.3CVSS5.1AI score0.00496EPSS

Exploits0References2

Cvelist•added 2023/03/13 12:0 a.m.•19 views

CVE-2022-2258

In affected versions of Octopus Deploy it is possible for a user to view Tagsets without being explicitly assigned permissions to view these items...

4.9AI score0.00496EPSS

Exploits0References1

Vulnrichment•added 2023/03/13 12:0 a.m.•7 views

CVE-2022-2259

In affected versions of Octopus Deploy it is possible for a user to view Workerpools without being explicitly assigned permissions to view these items...

4.6AI score0.00434EPSS

Exploits0References1

Positive Technologies•added 2023/03/13 12:0 a.m.•4 views

PT-2023-12707 · Unknown · Octopus Deploy

Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows a user to view Tagsets without having explicit permissions to do so. Recommendations: At the moment, there is no information about a newer version that contains a fi...

4.3CVSS6.8AI score0.00496EPSS

Exploits0References3

Cvelist•added 2023/03/13 12:0 a.m.•16 views

CVE-2022-2259

In affected versions of Octopus Deploy it is possible for a user to view Workerpools without being explicitly assigned permissions to view these items...

4.9AI score0.00434EPSS

Exploits0References1

CNNVD•added 2023/03/13 12:0 a.m.•4 views

Octopus Deploy 安全漏洞

4.3CVSS5.1AI score0.00434EPSS

Exploits0References2

CVE•added 2023/03/13 12:0 a.m.•46 views

CVE-2022-2258

CVE-2022-2258 affects Octopus Deploy: a user can view Tagsets without explicit view permissions, indicating an information disclosure vulnerability. The available sources describe the issue but do not specify affected versions, root cause details, exploit information, or a confirmed fix/version. ...

4.3CVSS4.6AI score0.00496EPSS

Exploits0References1Affected Software1

Snyk•added 2023/03/01 8:18 a.m.•2 views

Malicious Package

Overview toloka-templates-deploy is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score

Exploits0References3

OSV•added 2023/03/01 5:46 a.m.•9 views

MAL-2023-493 Malicious code in hardhat-web3-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 736287dd58e487359e35a7c53653af7140c45ca2919d533e02fb45b58e898dbc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score

Exploits0References1

OSSF Malicious Packages•added 2023/03/01 5:46 a.m.•5 views

Malicious code in hardhat-web3-deploy (npm)

6.9AI score

Exploits0References1