Lucene search
+L

20 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-3302

Malware in sbrugna...

8.1CVSS8.2AI score0.01173EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-10564

Malware in sbrugna...

9CVSS8.8AI score0.12475EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-18786

Malware in sbrugna...

6.1CVSS6.3AI score0.0106EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-19679

Malware in sbrugna...

7.5CVSS7.5AI score0.01267EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-42975

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00391EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-35002

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00447EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-34350

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00657EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:22 a.m.15 views

CVE-2022-4870

In affected versions of Octopus Deploy it is possible to discover network details via error message...

5.3CVSS6.9AI score0.0045EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 p.m.22 views

CVE-2022-1901

In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview...

5.3CVSS6.8AI score0.00455EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:30 p.m.15 views

CVE-2022-2507

In affected versions of Octopus Deploy it is possible to render user supplied input into the webpage...

5.3CVSS6.9AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:14 p.m.8 views

CVE-2020-26161

In Octopus Deploy through 2020.4.2, an attacker could redirect users to an external site via a modified HTTP Host header...

6.1CVSS6.7AI score0.0106EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 1:25 p.m.7 views

CVE-2018-12089

In Octopus Deploy version 2018.5.1 to 2018.5.7, a user with Task View is able to view a password for a Service Fabric Cluster, when the Service Fabric Cluster target is configured in Azure Active Directory security mode and a deployment is executed with OctopusPrintVariables set to True. This is...

7.5CVSS7AI score0.00929EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:51 a.m.10 views

CVE-2018-11320

In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target do not have sensitive values obfuscated in the deployment logs...

9.8CVSS6.9AI score0.01376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/12 5:43 a.m.18 views

CVE-2025-0539

In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending server-side requests that contain authentication material allowing a suitably positioned attacker to compromise the account running Octopus Server and potentially the host infrastructure itself...

8.8CVSS7.2AI score0.0034EPSS
Exploits0References1
CVE
CVE
added 2025/04/10 5:20 a.m.74 views

CVE-2025-0539

CVE-2025-0539 affects Octopus Deploy on Windows where the server can be coerced into issuing server-side requests that include authentication material. The underlying impact is that a suitably positioned attacker could compromise the account running the Octopus Server and potentially affect the h...

8.8CVSS7AI score0.0034EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/11 10:9 a.m.4 views

CVE-2025-0526

In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows...

2.3CVSS7.7AI score0.00337EPSS
Exploits0References1
CVE
CVE
added 2025/02/11 10:9 a.m.87 views

CVE-2025-0526

CVE-2025-0526 affects Octopus Deploy. The issue arises from a lack of input validation in an API endpoint that permits uploading files to unexpected locations on the host, potentially enabling circumvention of intended workflows. Connected sources confirm the vulnerability description across mult...

5.4CVSS7.5AI score0.00337EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.7 views

PT-2025-6191 · Unknown · Octopus Deploy

Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows uploading files to unexpected locations on the host using an API endpoint. This is due to a lack of validation in a field, which could potentially result in ways to...

7.5CVSS6.1AI score0.00337EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2022/09/28 12:0 a.m.7 views

CVE-2022-2760

In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the user does not have access to view in an error message when a resource is part of another Space...

4.5AI score0.00447EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/09 12:0 a.m.5 views

PT-2022-17185 · Unknown · Octopus Deploy

Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows uploading a package to the built-in feed with insufficient permissions after re-indexing packages. Recommendations: At the moment, there is no information about a...

6.5CVSS6.4AI score0.00446EPSS
Exploits0References3
Rows per page
Query Builder