174 matches found
EUVD-2025-208991
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to cause a denial of service due to excessive resource consumption when processing certain webhook configurati...
Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition Security Vulnerability
Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition are both open source suites from Enalean Open Source designed to improve the management of software development and collaboration. A security vulnerability exists in Tuleap Community Edition version 16.11.99.1757427600 and...
CVE-2025-54877 Tuleap's special and always there fields permissions are not verified in cross-tracker search
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition versions before 16.10.99.1754050155 and Tuleap Enterprise Edition versions before 16.9-8 and before 16.10-5, an attacker can access the content of the special...
PT-2025-35223
Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.10.99.1754050155; Tuleap Enterprise Edition versions prior to 16.9-8; Tuleap Enterprise Edition versions prior to 16.10-5. Description: Tuleap is an Open Source Suite created to facilitate management...
Oracle Linux 10 : postgresql16 (ELSA-2025-14826)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14826 advisory. 16.10-1.0.1 - Replace upstream reference Orabug: 37044148; 16.10-1 - Update to version 16.10 - Resolves: rhbz2388580; 16.8-2 - Add tmpfiles.d...
Linux Distros Unpatched Vulnerability : CVE-2024-3092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. A payload...
Linux Distros Unpatched Vulnerability : CVE-2023-6682
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from...
CVE-2025-8713 affecting package postgresql for versions less than 16.10-1
CVE-2025-8713 affecting package postgresql for versions less than 16.10-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-8715 affecting package postgresql for versions less than 16.10-1
CVE-2025-8715 affecting package postgresql for versions less than 16.10-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-8714 affecting package postgresql for versions less than 16.10-1
CVE-2025-8714 affecting package postgresql for versions less than 16.10-1. An upgraded version of the package is available that resolves this issue...
Linux Distros Unpatched Vulnerability : CVE-2024-2434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions of GitLab CE/EE 16.9 prior to 16.9.6, 16.10 prior to 16.10.4, and 16.11 prior to 16.11.1 where pat...
CVE-2025-8713
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...
GitLab 16.10 < 17.11.5 / 18.0 < 18.0.3 / 18.1 < 18.1.1 (CVE-2025-5846)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users to assign unrelated...
CVE-2024-5469
DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3 allows an attacker to crash KAS via crafted gRPC requests...
UBUNTU-CVE-2024-2878
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible for an attacker to cause a denial of service by crafting unusual search terms for branch names...
PT-2024-32473 · Withsecure · Elements Client Security For Mac +2
Name of the Vulnerable Software and Affected Versions: WithSecure Elements Agent for Mac versions prior to 24.3; MDR versions prior to 24.3; Elements Client Security for Mac versions prior to 16.10. Description: The issue allows a remote Denial of Service. Recommendations: For WithSecure Elements...
Canonical Ubuntu Linux SEoL (16.10.x)
According to its version, Canonical Ubuntu Linux is 16.10.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
BIT-GITLAB-2024-5430 Improper Access Control in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project maintainer to delete the merge request approval policy via GraphQL...
CVE-2024-5430
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project maintainer to delete the merge request approval policy via GraphQL...
GitLab 16.10 < 16.11.5 / 17.0 < 17.0.3 / 17.1 < 17.1.1 (CVE-2024-5430)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project...