Lucene search
K

33 matches found

Cvelist
Cvelist
added 6 days ago36 views

CVE-2026-56460 HCL DevOps Deploy / HCL Launch is susceptible to an Insertion of Sensitive Information Into Sent Data vulnerability

HCL DevOps Deploy / HCL Launch could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attacks against the system...

6.5CVSS0.00379EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-56460

HCL DevOps Deploy / HCL Launch could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attacks against the system...

6.5CVSS5.8AI score0.00379EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42555

HCL DevOps Deploy / HCL Launch could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attacks against the system...

6.5CVSS5.8AI score0.00379EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 6 days ago9 views

PT-2026-56765

Name of the Vulnerable Software and Affected Versions HCL DevOps Deploy / HCL Launch affected versions not specified Description HCL DevOps Deploy / HCL Launch may disclose sensitive configurations and secrets to authenticated users through API responses. This information leakage could be leverag...

6.5CVSS6.1AI score0.00379EPSS
Exploits0References5
NVD
NVD
added 2026/06/30 8:17 p.m.7 views

CVE-2026-12085

IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 IBM DevOps Deploy could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attack...

6.5CVSS0.00234EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 7:38 p.m.5 views

EUVD-2026-40391

IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 IBM DevOps Deploy could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attack...

6.5CVSS5.7AI score0.00234EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 7:38 p.m.34 views

CVE-2026-12085 IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptable to an Insertion of Sensitive Information Into Sent Data vulnerability

IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 IBM DevOps Deploy could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attack...

6.5CVSS0.00234EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 7:38 p.m.26 views

CVE-2026-12085

IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) are affected by CVE-2026-12085, which allows authenticated users to view sensitive configurations and secrets in API responses. Affected versions include UCD 7.3 through 7.3.2.18 and IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8....

6.5CVSS5.7AI score0.00234EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.15 views

PT-2026-53968

Name of the Vulnerable Software and Affected Versions IBM UrbanCode Deploy versions 7.3 through 7.3.2.18 IBM DevOps Deploy versions 8.0 through 8.0.1.13 IBM DevOps Deploy versions 8.1 through 8.1.2.6 IBM DevOps Deploy versions 8.2 through 8.2.1.0 Description Authenticated users may be able to...

6.5CVSS5.9AI score0.00234EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 6:55 p.m.11 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptable to an Insertion of Sensitive Information Into Sent Data vulnerability (CVE-2026-12085)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attacks against the system. CVE-2026-12085. Vulnerability Details CVEID:CVE-2026-12085 DESCRIPTION: IBM DevOps Deploy coul...

6.5CVSS5.7AI score0.00234EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/03/16 3:30 p.m.4 views

GHSA-4PPJ-6CHV-5PGC Mattermost Microsoft Teams Plugin fails to properly mask sensitive configuration values

Mattermost Plugins versions =2.0.3.0 fail to properly mask sensitive configuration values which allows an attacker with access to support packets to obtain original plugin settings via exported configuration data. Mattermost Advisory ID: MMSA-2026-00606...

7.6CVSS5.8AI score0.0018EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/15 3:29 p.m.2 views

CVE-2026-26366

eNet SMART HOME server 2.2.1 and 2.3.1 ships with default credentials user:user, admin:admin that remain active after installation and commissioning without enforcing a mandatory password change. Unauthenticated attackers can use these default credentials to gain administrative access to sensitiv...

9.8CVSS5.5AI score0.00652EPSS
Exploits2References3
NVD
NVD
added 2025/12/24 8:15 p.m.6 views

CVE-2018-25137

FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig REST API that allows attackers to download sensitive configuration files. Attackers can exploit the getConfigExportFile.cgi endpoint to retrieve system configurations, potentially enabling authenticati...

8.7CVSS0.00434EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/10/30 9:45 a.m.11 views

CVE-2025-54471 NeuVector is shipping cryptographic material into its binary

NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...

6.5CVSS0.00242EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/21 8:26 p.m.3 views

Use of Hard-coded Cryptographic Key

Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/rest to...

7.1CVSS6.9AI score0.00242EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/21 8:26 p.m.1 views

Use of Hard-coded Cryptographic Key

Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/kv to versi...

7.1CVSS6.9AI score0.00242EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-6666

Malware in sbrugna...

7.8CVSS6.4AI score0.02261EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-2699

Malware in sbrugna...

9.8CVSS9.5AI score0.01225EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-32346

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00357EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-6275

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00605EPSS
Exploits0References5
Rows per page
Query Builder