30 matches found
SUSE CVE-2025-65516
A stored cross-site scripting XSS vulnerability was discovered in Seafile Community Edition prior to version 13.0.12. When Seafile is configured with the Golang file server, an attacker can upload a crafted SVG file containing malicious JavaScript and share it using a public link. Opening the lin...
CVE-2025-65516
A stored cross-site scripting XSS vulnerability was discovered in Seafile Community Edition prior to version 13.0.12. When Seafile is configured with the Golang file server, an attacker can upload a crafted SVG file containing malicious JavaScript and share it using a public link. Opening the lin...
CVE-2025-65516
A stored cross-site scripting XSS vulnerability was discovered in Seafile Community Edition prior to version 13.0.12. When Seafile is configured with the Golang file server, an attacker can upload a crafted SVG file containing malicious JavaScript and share it using a public link. Opening the lin...
CVE-2025-65516
A stored cross-site scripting XSS vulnerability was discovered in Seafile Community Edition prior to version 13.0.12. When Seafile is configured with the Golang file server, an attacker can upload a crafted SVG file containing malicious JavaScript and share it using a public link. Opening the lin...
Linux Distros Unpatched Vulnerability : CVE-2020-13318
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLabs EKS integration was vulnerable to a cross-account assume...
Linux Distros Unpatched Vulnerability : CVE-2020-13290
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page CVE-2020-13290 Note that Nessus relies on the presence o...
CVE-2020-13318
A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLabs EKS integration was vulnerable to a cross-account assume role attack...
BIT-GITLAB-2020-13280
For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message...
UBUNTU-CVE-2020-13318
A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLabs EKS integration was vulnerable to a cross-account assume role attack...
PT-2020-13459 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.0.12 GitLab versions prior to 13.1.10 GitLab versions prior to 13.2.8 GitLab versions prior to 13.3.4 Description: A cross-account assume role attack was possible due to a vulnerability in GitLab's EKS integration...
GitLab Cross-Site Scripting Vulnerability (CNVD-2020-46291)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in tooltip in...
GitLab code issue vulnerability (CNVD-2020-46484)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...
CVE-2020-13285
For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting XSS vulnerability exists in the issue reference number tooltip...
CVE-2020-13283
For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list via milestone title...
PT-2020-13427 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.0.12 GitLab versions prior to 13.1.6 GitLab versions prior to 13.2.3 Description: The issue allows user-controlled git configuration settings to be modified, resulting in Server Side Request Forgery. Recommendation...
PT-2020-13422 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.0.12 GitLab versions prior to 13.1.6 GitLab versions prior to 13.2.3 Description: A denial of service issue exists in the project import feature. Recommendations: For versions prior to 13.0.12, update to version...
GitLab Authorization Issues Vulnerability (CNVD-2020-46490)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...
GitLab Memory Exhaustion Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...
GitLab Data Forgery Issue Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...
GitLab Cross-Site Scripting Vulnerability (CNVD-2020-46489)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in Issues in...