2308 matches found
CVE-2024-55904
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...
CVE-2024-55904
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...
CVE-2024-55904
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...
CVE-2024-55904 IBM DevOps Deploy / IBM UrbanCode Deploy command injection
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...
CVE-2024-55904
CVE-2024-55904 affects IBM UrbanCode Deploy (UCD) versions 7.0–7.0.5.25, 7.1–7.1.2.21, 7.2–7.2.3.14, 7.3–7.3.2.9 and IBM DevOps Deploy versions 8.0–8.0.1.4, 8.1–8.1.0.0. The vulnerability is a remote, authenticated command injection (CWE-78) allowing an attacker to execute arbitrary commands on t...
CVE-2024-55904 IBM DevOps Deploy / IBM UrbanCode Deploy command injection
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially craft...
IBM UrbanCode Deploy和IBM DevOps Deploy 操作系统命令注入漏洞
IBM UrbanCode Deploy IBM UCD and IBM DevOps Deploy are both products of International Business Machines IBM, U.S.A. IBM UrbanCode Deploy is a suite of application automation deployment tools. The tool is based on an application deployment automation management information model, and through remot...
PT-2025-6721 · Ibm · Ibm Devops Deploy +1
Name of the Vulnerable Software and Affected Versions: IBM DevOps Deploy versions 8.0 through 8.0.1.4 IBM DevOps Deploy versions 8.1 through 8.1.0.0 IBM UrbanCode Deploy versions 7.0 through 7.0.5.25 IBM UrbanCode Deploy versions 7.1 through 7.1.2.21 IBM UrbanCode Deploy versions 7.2 through...
CVE-2025-0526
In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2025-0526
In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2025-0526
In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2025-0526
In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2025-0526
CVE-2025-0526 affects Octopus Deploy. The issue arises from a lack of input validation in an API endpoint that permits uploading files to unexpected locations on the host, potentially enabling circumvention of intended workflows. Connected sources confirm the vulnerability description across mult...
CVE-2025-0526
In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...
CVE-2025-0589
In affected versions of Octopus Deploy where customers are using Active Directory for authentication it was possible for an unauthenticated user to make an API request against two endpoints which would retrieve some data from the associated Active Directory. The requests when crafted correctly...
CVE-2025-0589
In affected versions of Octopus Deploy where customers are using Active Directory for authentication it was possible for an unauthenticated user to make an API request against two endpoints which would retrieve some data from the associated Active Directory. The requests when crafted correctly...
CVE-2025-0589
In affected versions of Octopus Deploy where customers are using Active Directory for authentication it was possible for an unauthenticated user to make an API request against two endpoints which would retrieve some data from the associated Active Directory. The requests when crafted correctly...
CVE-2025-0589
In affected versions of Octopus Deploy where customers are using Active Directory for authentication it was possible for an unauthenticated user to make an API request against two endpoints which would retrieve some data from the associated Active Directory. The requests when crafted correctly...
CVE-2025-0589
CVE-2025-0589 affects Octopus Deploy when using Active Directory for authentication. An unauthenticated actor can issue API requests to two endpoints and retrieve data from the associated AD: one endpoint returns user profile details (Email address/UPN and Display name); the other returns group i...
PT-2025-6191 · Unknown · Octopus Deploy
Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows uploading files to unexpected locations on the host using an API endpoint. This is due to a lack of validation in a field, which could potentially result in ways to...