CVE-2026-12086
- EPSS 0.11%
- Veröffentlicht 30.06.2026 20:17:28
- Zuletzt bearbeitet 02.07.2026 18:36:09
IBM UCD - IBM UrbanCode Deploy 7.2 through 7.2.3.23, and 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 stores potentially sensitive information in log files that could be read ...
CVE-2026-12085
- EPSS 0.23%
- Veröffentlicht 30.06.2026 20:17:28
- Zuletzt bearbeitet 02.07.2026 18:35:42
IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 IBM DevOps Deploy could disclose sensitive configurations and secrets to authenticated users in API...
CVE-2026-12084
- EPSS 0.15%
- Veröffentlicht 30.06.2026 20:17:28
- Zuletzt bearbeitet 02.07.2026 18:37:16
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limite...
CVE-2025-13489
- EPSS 0.16%
- Veröffentlicht 15.12.2025 19:51:13
- Zuletzt bearbeitet 26.12.2025 14:15:57
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.
CVE-2025-14148
- EPSS 0.25%
- Veröffentlicht 15.12.2025 19:43:07
- Zuletzt bearbeitet 18.12.2025 17:53:31
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token.
- EPSS 0.16%
- Veröffentlicht 15.12.2025 19:38:57
- Zuletzt bearbeitet 18.12.2025 18:00:06
IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enf...
CVE-2025-36162
- EPSS 0.21%
- Veröffentlicht 02.09.2025 18:52:08
- Zuletzt bearbeitet 18.12.2025 17:51:13
IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) 8.1 before 8.1.2.2 could allow an authenticated user to obtain sensitive information about configuration on the system.
CVE-2025-1998
- EPSS 0.16%
- Veröffentlicht 27.03.2025 14:41:56
- Zuletzt bearbeitet 14.08.2025 19:13:16
IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 stores potentially sensitive authentication token information in log files that could be read by ...
CVE-2025-1997
- EPSS 0.26%
- Veröffentlicht 27.03.2025 14:39:48
- Zuletzt bearbeitet 29.09.2025 18:15:31
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 is vulnerable to HTML injection. This vulnerability may allow a user to...
CVE-2024-56469
- EPSS 0.25%
- Veröffentlicht 27.03.2025 14:32:51
- Zuletzt bearbeitet 14.08.2025 01:58:37
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, and 7.3 through 7.3.2.10 / IBM DevOps Deploy 8.0 through 8.0.1.5 and 8.1 through 8.1.0.1 could allow unauthorized access to other services or potential exposure of sensitive data ...