Lucene search
K

2321 matches found

CVE
CVE
added 2024/02/21 10:57 p.m.113 views

CVE-2023-3509

CVE-2023-3509 affects GitLab across versions: before 16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. The issue allows group members with sub-maintainer rights to rename privately accessible deploy keys associated with projects within the group. Mitigations are published by GitLab in fixed rel...

5.4CVSS4.8AI score0.00322EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/02/21 10:57 p.m.16 views

CVE-2023-3509

Removed by vendor...

5.4CVSS6AI score0.00322EPSS
Exploits0
OSV
OSV
added 2024/02/21 10:57 p.m.15 views

CVE-2023-3509 Incorrect Authorization in GitLab

An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible deploy keys associated...

3.7CVSS5.2AI score0.00322EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/02/21 12:0 a.m.22 views

GitLab 0 < 16.7.6 / 16.8 < 16.8.3 / 16.9 < 16.9.1 (CVE-2023-3509)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group...

5.4CVSS5.6AI score0.00322EPSS
Exploits0References4
CNVD
CNVD
added 2024/02/20 12:0 a.m.18 views

IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2024-09172)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

6.2CVSS6.3AI score0.00188EPSS
Exploits0References1
NVD
NVD
added 2024/02/12 9:15 a.m.12 views

CVE-2023-41703

User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avo...

6.1CVSS6.3AI score0.00528EPSS
Exploits0References3
OSV
OSV
added 2024/02/12 9:15 a.m.1 views

CVE-2023-41703

User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avo...

6.1CVSS5.8AI score0.00528EPSS
Exploits0References3
Prion
Prion
added 2024/02/12 9:15 a.m.19 views

Cross site request forgery (csrf)

Processing of user-defined mail search expressions is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing time of mail search expressions now gets monitored, and the related request is terminated...

4CVSS7.2AI score0.00785EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/12 8:15 a.m.16 views

CVE-2023-41703

User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avo...

6.1CVSS6.5AI score0.00528EPSS
Exploits0References2
NVD
NVD
added 2024/02/06 5:15 p.m.30 views

CVE-2024-22331

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...

6.2CVSS6.1AI score0.00188EPSS
Exploits0References2
OSV
OSV
added 2024/02/06 5:15 p.m.2 views

CVE-2024-22331

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...

5.5CVSS5.7AI score0.00188EPSS
Exploits0References2
Prion
Prion
added 2024/02/06 5:15 p.m.23 views

Code injection

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...

1.7CVSS6.2AI score0.00188EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2024/02/06 4:15 p.m.27 views

CVE-2024-22331 IBM UrbanCode Deploy information disclosure

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...

6.2CVSS6.1AI score0.00188EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/06 4:15 p.m.32 views

CVE-2024-22331 IBM UrbanCode Deploy information disclosure

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...

6.2CVSS6AI score0.00188EPSS
Exploits0References2
CVE
CVE
added 2024/02/06 4:15 p.m.66 views

CVE-2024-22331

CVE-2024-22331 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy. The issue could disclose sensitive user information when installing the Windows agent as a service, impacting UCD versions: 7.0–7.0.5.19, 7.1–7.1.2.15, 7.2–7.2.3.8, 7.3–7.3.2.3, and DevOps Deploy 8.0.0.0. Root cause is infor...

6.2CVSS5.2AI score0.00188EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/06 12:0 a.m.4 views

PT-2024-19344 · Ibm +1 · Ibm Urbancode Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.19 IBM UrbanCode Deploy versions 7.1 through 7.1.2.15 IBM UrbanCode Deploy versions 7.2 through 7.2.3.8 IBM UrbanCode Deploy versions 7.3 through 7.3.2.3 IBM UrbanCode Deploy UCD - IBM DevOps...

6.2CVSS5.3AI score0.00188EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/02/06 12:0 a.m.4 views

IBM UrbanCode Deploy 信息泄露漏洞

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

6.2CVSS6AI score0.00188EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/05 1:26 p.m.30 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be vulnerable to sensitive information disclosure (CVE-2024-22331)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD could disclose sensitive user information when installing the Windows agent as a service. Vulnerability Details CVEID:CVE-2024-22331 DESCRIPTION: IBM UrbanCode Deploy UCD could disclose sensitive user information when installing the Windows...

6.2CVSS5.4AI score0.00188EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/05 1:26 p.m.47 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be vulnerable to HTTP request smuggling (CVE-2023-46589)

Summary Due to the use of Apache Tomcat, IBM DevOps Deploy / IBM UrbanCode Deploy UCD is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP trailer headers. By sending a specially crafted HTTPS trailer header, an attacker could exploit this vulnerability to poison the we...

7.5CVSS7.5AI score0.02651EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/02/03 6:15 a.m.13 views

CVE-2024-23550

HCL DevOps Deploy / HCL Launch UCD could disclose sensitive user information when installing the Windows agent...

6.2CVSS6.2AI score0.00214EPSS
Exploits0References1
Rows per page
Query Builder