CVE-2025-62327

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

CVE-2025-62327

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

CVE-2025-62327

The CVE-2025-62327 affects HCL DevOps Deploy versions 8.1.2.0 through 8.1.2.3. A user with LLM configuration privileges may recover credentials saved for performing authenticated LLM Queries, indicating improper access control around LLM credentials. Root cause described across sources is insuffi...

CVE-2025-62327 HCL DevOps Deploy is susceptible to insufficiently protected credentials

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

CVE-2025-62327 HCL DevOps Deploy is susceptible to insufficiently protected credentials

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

CVE-2022-27210

A cross-site request forgery CSRF vulnerability in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

CVE-2025-1997

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentiall...

CVE-2025-1998

IBM UrbanCode Deploy UCD through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 stores potentially sensitive authentication token information in log files that could be read by a local user...

PT-2026-2162

Name of the Vulnerable Software and Affected Versions Panda3D versions up to and including 1.10.16 Description Panda3D deploy-stub contains a denial of service condition resulting from unbounded stack allocation. The deploy-stub executable uses alloca to allocate argv copy and argv copy2 based on...

HCL DevOps Deploy 安全漏洞

HCL DevOps Deploy is an application from HCL India. It can be mapped to your organizational structure using flexible team-based and role-based security models. A security vulnerability exists in HCL DevOps Deploy versions 8.1.2.0 through 8.1.2.3, which stems from improperly configured permissions...

Panda3D 安全漏洞

Panda3D is a cross-platform game engine from Panda3D open source. A security vulnerability exists in Panda3D 1.10.16 and earlier versions, which stems from the presence of an unbounded stack allocation in deploy-stub, which may lead to stack space exhaustion and process crash...

PT-2026-1838

Name of the Vulnerable Software and Affected Versions HCL DevOps Deploy versions 8.1.2.0 through 8.1.2.3 Description A user possessing LLM configuration privileges may be able to recover credentials previously saved for authenticated LLM Queries. Recommendations Update HCL DevOps Deploy to a...

Malicious code in chai-as-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6777d6fb72a2a1e304855ebdd4aa8f8e5e8410136ebcc580b71b5e5f4152eaf2 The package chai-as-deploy was found to contain malicious code...

EUVD-2025-204931

Malicious code in chai-as-deploy npm...

MAL-2025-192722 Malicious code in chai-as-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6777d6fb72a2a1e304855ebdd4aa8f8e5e8410136ebcc580b71b5e5f4152eaf2 The package chai-as-deploy was found to contain malicious code...

HCL Launch和HCL DevOps Deploy 安全漏洞

HCL Launch and HCL DevOps Deploy are both products of HCL India.HCL Launch is a multi-functional, enterprise-grade continuous delivery automation software. Used to handle the most complex deployment processes in DevOps.HCL DevOps Deploy is an application. Can be mapped to your organizational...

CVE-2025-13489

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...

CVE-2025-14148

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...

CVE-2025-36360

IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...

megatron-bridge (>=0.1.0rc0 <=0.3.1), nemo-eval (>=0.1.0rc1 <=0.2.0rc0) +1 more potentially affected by CVE-2025-33225 via nvidia-resiliency-ext (>=0.3.0 <=0.4.1)

nvidia-resiliency-ext PYPI version =0.3.0, =0.1.0rc0, =0.1.0rc1, =0.1.0, =0.4.0 Source cves: CVE-2025-33225 Source advisory: SNYK:PYTHON-NVIDIARESILIENCYEXT-14459109...