CVE-2024-23550

CVE-2024-23550 affects HCL DevOps Deploy / HCL Launch (UCD). The Windows agent installer could disclose sensitive user information, with confidentiality impact described as High in the CVSS data. The provided documents do not specify the underlying root cause details or a fixed version. Public so...

HCL Technologies HCL Launch Security Breach

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. for handling the most complex deployment processes in DevOps. A security vulnerability exists in HCL DevOps Deploy and HCL Launch UCD that stems from the ability to...

Octopus Cross-Site Scripting Vulnerability

Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. A cross-site scripting vulnerability exists in Octopus version 1.0, which stems from the fact that passing the parameter description can lead to cross-site scripting...

Octopus SQL Injection Vulnerability

Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. An SQL injection vulnerability exists in Octopus version 1.0, which stems from the parameter ancestors in the file /system/dept/edit that can lead to SQL injection...

Octopus Deploy SQL Injection Vulnerability

Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. A SQL injection vulnerability exists in Octopus Deploy version 1.0, which stems from /system/role/list containing unknown functions that cause SQL injection via the...

GitLab 10.7 < 14.3.6 / 14.4 < 14.4.4 / 14.5 < 14.5.2 (CVE-2021-39936)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper access control in GitLab CE/EE affecting all versions starting from 10.7 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an...

GitLab 12.10 < 15.1.6 / 15.2 < 15.2.4 / 15.3 < 15.3.2 (CVE-2022-2533)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 12.10 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. GitLab wa...

GitLab 12.0.0 < 14.9.5 / 14.10.0 < 14.10.4 / 15.0.0 < 15.0.1 (CVE-2022-1936)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker...

GitLab 8.15 < 14.3.6 / 14.4 < 14.4.4 / 14.5 < 14.5.2 (CVE-2021-39938)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A vulnerable regular expression pattern in GitLab CE/EE since version 8.15 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attack...

CVE-2023-45702

An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts...

CVE-2023-45702

An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts...

Code injection

An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts...

CVE-2023-45702 HCL Launch Agent as a Windows service is vulnerable to a Denial of Service

An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts...

CVE-2023-45702

CVE-2023-45702 affects the HCL UrbanCode Deploy Agent when installed as a Windows service in a non-standard location. The documented impact is a local-accounts–based denial of service, with exploitation attempted locally and no user interaction required. The available sources describe the vulnera...

The new feature "Use existing identity pools to create identities for MCS-provisioned machines"

For quick deploy, it should be 1 to 1 mapping for identity pool to MCS catalog...

PT-2023-29655 · Hcl · Hcl Urbancode Deploy Agent

Name of the Vulnerable Software and Affected Versions: HCL UrbanCode Deploy Agent affected versions not specified Description: The issue concerns a denial of service attack that can be launched by local accounts against an HCL UrbanCode Deploy Agent installed as a Windows service in a non-standar...

HCL Launch Security Breach

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. for handling the most complex deployment processes in DevOps. A security vulnerability exists in HCL Launch versions 7.2 through 7.2.3.7 and 7.3 through 7.3.2.2, which...

Improper Authorization

gitlab is vulnerable to Improper Authorization. It is possible for a removed project member to write to protected branches by using deploy keys...

IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2023-10015958)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

IBM UrbanCode Deploy Denial of Service Vulnerability (CNVD-2023-10015761)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...