cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-22349,https://securityvulnerability.io/vulnerability/CVE-2024-22349,Local File Storage Flaw in IBM DevOps Velocity and UrbanCode Products,"A vulnerability in IBM DevOps Velocity and UrbanCode Velocity allows certain web pages to be stored locally on the system. This could enable unauthorized users to read files intended for other users, potentially compromising sensitive information. It is essential for organizations using these products to apply necessary patches and mitigate risks by following recommended security practices.",IBM,"Urbancode Velocity,Devops Velocity",4,MEDIUM,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-01-20T17:42:37.885Z,0
CVE-2024-22347,https://securityvulnerability.io/vulnerability/CVE-2024-22347,Weak Cryptographic Algorithms in IBM DevOps Velocity and UrbanCode Velocity,"IBM DevOps Velocity and IBM UrbanCode Velocity are exposed to vulnerabilities due to the use of cryptographic algorithms that do not meet expected security standards. This weakness could allow attackers to decrypt highly sensitive information, potentially leading to data breaches and unauthorized access. It is crucial for users to address these vulnerabilities by updating to secure versions and reviewing their cryptographic practices.",IBM,"Urbancode Velocity,Devops Velocity",5.9,MEDIUM,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-01-20T17:41:43.506Z,0
CVE-2024-22348,https://securityvulnerability.io/vulnerability/CVE-2024-22348,Cross-Origin Resource Sharing Flaw in IBM DevOps Velocity and UrbanCode Velocity,"IBM DevOps Velocity versions 5.0.0 and IBM UrbanCode Velocity versions 4.0.0 to 4.0.25 contain a Cross-Origin Resource Sharing (CORS) vulnerability. This flaw allows unauthorized users to perform privileged actions and access sensitive information, as the application does not sufficiently restrict its domain name to trusted sources. This oversight may lead to data leaks and compromise the integrity of web applications that rely on these products for deployment and management.",IBM,"Urbancode Velocity,Devops Velocity",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-20T17:40:31.965Z,0