Unity Linux 20.1070a Security Update: libpq (UTSA-2026-007266)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007266 advisory. Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocati...

UBUNTU-CVE-2025-13690

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to cause a denial of service condition due to improper input validation on webhook custom header names under...

CVE-2025-13690

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to cause a denial of service condition due to improper input validation on webhook custom header names under...

CVE-2025-14513 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON...

Oracle Linux 10 : libpq (ELSA-2026-0594)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0594 advisory. 16.11-3 - Release bump 16.11-1 - Rebase to upstream release 16.11 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVE-2025-12817 affecting package postgresql for versions less than 16.11-1

CVE-2025-12817 affecting package postgresql for versions less than 16.11-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-12818 affecting package postgresql for versions less than 16.11-1

CVE-2025-12818 affecting package postgresql for versions less than 16.11-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-12817

Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail. Versions before...

EUVD-2018-1999

Malware in sbrugna...

EUVD-2018-1998

Malware in sbrugna...

EUVD-2024-47438

Malicious code in bioql PyPI...

CVE-2025-59040 Tuleap backlog item representations do not verify the permissions of the child trackers

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Backlog item representations do not verify the permissions of the child trackers. Users might see tracker names they should not have access to. This vulnerability is fixed in Tuleap Community Edition...

Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition 安全漏洞

Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition are both an open source suite from Enalean Open Source designed to improve the management of software development and collaboration. A security vulnerability exists in Tuleap Community Edition version 16.11.99.1757427600 and...

Linux Distros Unpatched Vulnerability : CVE-2023-6682

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from...

Linux Distros Unpatched Vulnerability : CVE-2024-2434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions of GitLab CE/EE 16.9 prior to 16.9.6, 16.10 prior to 16.10.4, and 16.11 prior to 16.11.1 where pat...

Microsoft Visual Studio 后置链接漏洞

Microsoft Visual Studio is a family of development tool suites and a largely complete development toolset from Microsoft Corporation USA that includes most of the tools needed throughout the software lifecycle. A backlink vulnerability exists in Microsoft Visual Studio. The following products and...

CVE-2024-5469

DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3 allows an attacker to crash KAS via crafted gRPC requests...

UBUNTU-CVE-2024-2878

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible for an attacker to cause a denial of service by crafting unusual search terms for branch names...

CVE-2024-8640

An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. Due to incomplete input filtering, it was possible to inject commands into a connected Cube server...

CVE-2024-8640

Removed by vendor...