22 matches found

ICS
added 2026/03/25 12:0 a.m. · 3 views

Nanoleaf Lines unauthenticated firmware file store

RISK EVALUATION Nanoleaf Lines 12.3.2 does not authenticate firmware file uploads. A remote, unauthenticated attacker can upload firmware files on the device and consume storage resources. 2. RECOMMENDED PRACTICES Update to 12.3.6. 3. DESCRIPTION Nanoleaf Lines 12.3.2 does not authenticate...

CVSS 6.9 · AI score 5.9 · EPSS 0.00096
Exploits: 0 · References: 1

ATTACKERKB
added 2026/02/24 2:50 a.m. · 3 views

CVE-2026-27461

Pimcore is an Open Source Data & Experience Management Platform. In versions up to and including 11.5.14.1 and 12.3.2, the filter query parameter in the dependency listing endpoints is JSON-decoded and the value field is concatenated directly into RLIKE clauses without sanitization or parameteriz...

CVSS 6.9 · AI score 5.4 · EPSS 0.00013
Exploits: 1 · References: 5 · Affected Software: 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-0488

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 5.8 · EPSS 0.01114
Exploits: 1 · References: 4

Tenable Nessus
added 2025/08/27 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-21670

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characters could slow down the parser...

CVSS 5.3 · AI score 6.4 · EPSS 0.01114
Exploits: 1 · References: 2

RedhatCVE
added 2025/05/23 4:4 a.m. · 3 views

CVE-2023-37361

REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose, apptitle, or randomization...

CVSS 2.7 · AI score 8.3 · EPSS 0.00074
Exploits: 1

Positive Technologies
added 2023/07/25 12:0 a.m. · 2 views

PT-2023-25931 · Redcap · Redcap

Name of the Vulnerable Software and Affected Versions: REDCap versions 12.0.26 through 12.3.2 Description: The issue allows SQL Injection via parameters such as scheduling, repeatforms, purpose, app title, or randomization. Recommendations: For versions 12.0.26 and 12.3.2, consider restricting...

CVSS 2.7 · AI score 4.5 · EPSS 0.00074
Exploits: 1 · References: 5

OSV
added 2022/01/10 9:15 p.m. · 19 views

DEBIAN-CVE-2022-21670

markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characters could slow down the parser significantly. Users should upgrade to version 12.3.2 to receive a patch. There are no known workarounds aside from upgrading...

CVSS 5.3 · AI score 6.3 · EPSS 0.01114
Exploits: 1 · References: 1

Prion
added 2022/01/10 9:15 p.m. · 22 views

Code injection

markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characters could slow down the parser significantly. Users should upgrade to version 12.3.2 to receive a patch. There are no known workarounds aside from upgrading...

CVSS 5 · AI score 5.4 · EPSS 0.01114
Exploits: 1 · References: 2 · Affected Software: 1

OSV
added 2022/01/10 9:15 p.m. · 0 views

UBUNTU-CVE-2022-21670

markdown-it is a Markdown parser. Prior to version 1.3.2, special patterns with length greater than 50 thousand characters could slow down the parser significantly. Users should upgrade to version 12.3.2 to receive a patch. There are no known workarounds aside from upgrading...

CVSS 5.3 · AI score 7.3 · EPSS 0.01114
Exploits: 1 · References: 4

Positive Technologies
added 2022/01/10 12:0 a.m. · 2 views

PT-2022-15024 · Unknown · Markdown-It

Name of the Vulnerable Software and Affected Versions: markdown-it versions prior to 12.3.2 Description: The issue concerns a Markdown parser that can be significantly slowed down by special patterns with lengths greater than 50 thousand characters. There are no known real-world incidents or...

CVSS 5.3 · AI score 5.5 · EPSS 0.01114
Exploits: 1 · References: 13

CNVD
added 2020/02/11 12:0 a.m. · 1 views

GitLab Authorization Issues Vulnerability (CNVD-2020-13192)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An authorization issue vulnerability exists in GitLab...

CVSS 9.8 · AI score 7 · EPSS 0.0027
Exploits: 0 · References: 1

UbuntuCve
added 2020/01/28 3:15 a.m. · 23 views

CVE-2019-15578

An information disclosure exists in 12.3.2, 12.2.6, and 12.1.12 for GitLab Community Edition CE and Enterprise Edition EE. The path of a private project, that used to be public, would be disclosed in the unsubscribe email link of issues and merge requests...

CVSS 5.3 · AI score 6 · EPSS 0.00182
Exploits: 0 · References: 4

Prion
added 2020/01/28 3:15 a.m. · 19 views

Information disclosure

An information disclosure exists in 12.3.2, 12.2.6, and 12.1.12 for GitLab Community Edition CE and Enterprise Edition EE. When an issue was moved to a public project from a private one, the associated private labels and the private project namespace would be disclosed through the GitLab API...

CVSS 5 · AI score 7 · EPSS 0.00177
Exploits: 0 · References: 2 · Affected Software: 1

Debian CVE
added 2020/01/28 2:36 a.m. · 21 views

CVE-2019-15582

Removed by vendor...

CVSS 5.3 · AI score 6 · EPSS 0.00121
Exploits: 0

UbuntuCve
added 2019/12/20 10:15 p.m. · 18 views

CVE-2019-15584

A denial of service exists in gitlab v12.3.2, v12.2.6, and v12.1.10 that would let an attacker bypass input validation in markdown fields and take down the affected page...

CVSS 6.5 · AI score 6.8 · EPSS 0.00108
Exploits: 1 · References: 2

CNVD
added 2019/12/19 12:0 a.m. · 2 views

Gitlab Information Disclosure Vulnerability (CNVD-2020-03757)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An information disclosure vulnerability exists in GitLab...

CVSS 6.5 · AI score 6 · EPSS 0.00238
Exploits: 1 · References: 1

CNVD
added 2019/12/19 12:0 a.m. · 3 views

Gitlab Improper Access Control Vulnerability (CNVD-2020-03758)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An improper access control vulnerability exists in Gitlab...

CVSS 8.8 · AI score 6.8 · EPSS 0.00105
Exploits: 1 · References: 1

NVD
added 2019/12/18 9:15 p.m. · 11 views

CVE-2019-15577

An information disclosure vulnerability exists in GitLab CE/EE v12.3.2, v12.2.6, and v12.1.12 that allowed project milestones to be disclosed via groups browsing...

CVSS 4.3 · AI score 4 · EPSS 0.00125
Exploits: 1 · References: 1

Apple
added 2019/06/10 12:0 a.m. · 12 views

Apple Security Update: iOS 12.3.2

Apple recommends installing security update iOS 12.3.2 on devices iPhone 8 Plus...

AI score 6.7
Exploits: 0 · References: 1 · Affected Software: 1

Apple
added 2019/06/10 12:0 a.m. · 9 views

Apple Security Update: iOS 12.3.2

Apple recommends installing security update iOS 12.3.2 on devices iPhone 8 Plus...

AI score 6.7
Exploits: 0 · References: 1