CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/03/04 7:45 p.m.•2 views

CVE-2025-36364

IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system...

OSV•added 2026/03/03 8:16 p.m.•1 views

CVE-2025-36364

IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system...

3.3CVSS5.8AI score

NVD•added 2026/03/03 8:16 p.m.•4 views

CVE-2025-36363

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

7.5CVSS0.00058EPSS

OSV•added 2026/03/03 8:16 p.m.•1 views

CVE-2025-36363

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

7.5CVSS5.8AI score

NVD•added 2026/03/03 8:16 p.m.•1 views

CVE-2025-36364

IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system...

6.2CVSS0.00016EPSS

ATTACKERKB•added 2026/03/03 7:46 p.m.•0 views

CVE-2025-36363

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

Exploits0References2Affected Software1

Cvelist•added 2026/03/03 7:46 p.m.•15 views

CVE-2025-36363 IBM DevOps Plan is vulnerable to Excessive Authentication Attempts

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

5.9CVSS0.00058EPSS

CVE•added 2026/03/03 7:46 p.m.•4 views

CVE-2025-36363

CVE-2025-36363 affects IBM DevOps Plan 3.0.0–3.0.5. The root cause is an inadequate account lockout setting, potentially allowing a remote attacker to brute-force credentials. Documented impact is exposure of confidentiality with no integrity/availability impact stated; CVSS metrics indicate high...

7.5CVSS6AI score0.00058EPSS

Exploits0References1Affected Software1

EUVD•added 2026/03/03 7:46 p.m.•0 views

EUVD-2025-208254

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

Vulnrichment•added 2026/03/03 7:46 p.m.•3 views

CVE-2025-36363 IBM DevOps Plan is vulnerable to Excessive Authentication Attempts

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

EUVD•added 2026/03/03 7:43 p.m.•1 views

EUVD-2025-208255

IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system...

ATTACKERKB•added 2026/03/03 7:43 p.m.•0 views

CVE-2025-36364

IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system...

Exploits0References2Affected Software1

Vulnrichment•added 2026/03/03 7:43 p.m.•2 views

CVE-2025-36364 IBM DevOps Plan REST APIs are vulnerable to exposure of sensitive data through request query parameters.

IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system...

CVE•added 2026/03/03 7:43 p.m.•5 views

CVE-2025-36364

Summary: CVE-2025-36364 affects IBM DevOps Plan REST APIs (versions 3.0.0–3.0.5). Affected component: web page cache can be stored locally and read by another user on the same system, exposing sensitive data. Root cause/impact: Local cache exposure potentially leaks sensitive information; CVSS ba...

Exploits0References1Affected Software1

IBM Security Bulletins•added 2026/03/03 7:23 a.m.•12 views

Security Bulletin: Multiple Vulnerabilities in IBM DevOps Build.

Summary Multiple vulnerabilities were addressed in IBM DevOps Build 7.1.0.2. Vulnerability Details CVEID:CVE-2025-52434 DESCRIPTION: Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Tomcat when using the APR/Native connector. This w...

9.8CVSS6.6AI score0.72202EPSS

Exploits13Affected Software1

CNNVD•added 2026/03/03 12:0 a.m.•1 views

IBM DevOps Plan 安全漏洞

IBM DevOps Plan is a change management collaboration platform provided by the American multinational company International Business Machines IBM. Versions of IBM DevOps Plan 3.0.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the ability for web cache data to ...

6.2CVSS5.8AI score0.00016EPSS

Exploits0References2

Positive Technologies•added 2026/03/03 12:0 a.m.•3 views

PT-2026-22798

Name of the Vulnerable Software and Affected Versions IBM DevOps Plan versions 3.0.0 through 3.0.5 Description The software uses an inadequate account lockout setting, which could allow a remote attacker to brute force account credentials. Recommendations Update to a version beyond 3.0.5...

Positive Technologies•added 2026/03/03 12:0 a.m.•2 views

Exploits0References4

PT-2026-22799

IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system...