2310 matches found
CVE-2016-0373
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119...
CVE-2016-0373
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119...
CVE-2016-0373
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119...
CVE-2016-0373
IBM UrbanCode Deploy CVE-2016-0373 enables information disclosure via REST endpoints not properly authorizing readers. Affected versions are 6.0 through 6.2.2.1 (inclusive). The root cause is an authorization failure in UCD REST endpoints that allows an authenticated user to read sensitive data. ...
IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2018-18006)
IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...
IBM UrbanCode Deploy Directory Traversal Vulnerability
IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...
Code injection
IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker to traverse directories on the system. An unauthenticated attacker could alter UCD deployments. IBM X-Force ID: 135522...
Information disclosure
Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given elevated permissions in the UI, even after those elevated permissions have been revoked. IBM X-Force ID: 125147...
CVE-2017-1286
Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given elevated permissions in the UI, even after those elevated permissions have been revoked. IBM X-Force ID: 125147...
CVE-2017-1749
IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker to traverse directories on the system. An unauthenticated attacker could alter UCD deployments. IBM X-Force ID: 135522...
CVE-2017-1749
IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker to traverse directories on the system. An unauthenticated attacker could alter UCD deployments. IBM X-Force ID: 135522...
CVE-2017-1286
Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given elevated permissions in the UI, even after those elevated permissions have been revoked. IBM X-Force ID: 125147...
CVE-2017-1749
IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker to traverse directories on the system. An unauthenticated attacker could alter UCD deployments. IBM X-Force ID: 135522...
CVE-2017-1286
Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given elevated permissions in the UI, even after those elevated permissions have been revoked. IBM X-Force ID: 125147...
CVE-2017-1286
CVE-2017-1286 affects IBM UrbanCode Deploy 6.1–6.9.6.0, where a user with elevated UI permissions can obtain sensitive server/database configuration data even after privileges are revoked. The IBM Security Bulletin confirms an information-disclosure vulnerability in UCD diagnostics files, with af...
CVE-2017-1749
IBM UrbanCode Deploy 6.1–6.9.6.0 is affected by CVE-2017-1749, a directory traversal vulnerability that could allow an unauthenticated remote attacker to upload or replace plugins and thereby alter deployments. The IBM security bulletin notes that all fixpacks of UrbanCode Deploy 6.1 (up to 6.1.3...
Integer overflow
The mintToken function of a smart contract implementation for Deploy, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...
Octopus Deploy Design Vulnerability
Octopus Deploy is an automation tool for the development and deployment of .NET, Java and other applications from Octopus Deploy Australia. A security vulnerability exists in Octopus Deploy versions prior to 3.0. An attacker could exploit the vulnerability to create accounts under the...
CVE-2018-12884
In Octopus Deploy 3.0 onwards before 2018.6.7, an authenticated user with incorrect permissions may be able to create Accounts under the Infrastructure menu...
Design/Logic Flaw
In Octopus Deploy 3.0 onwards before 2018.6.7, an authenticated user with incorrect permissions may be able to create Accounts under the Infrastructure menu...