Lucene search
K

44 matches found

CNNVD
CNNVD
added 2025/11/15 12:0 a.m.5 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab CE and EE versions 16.9 through 18.3...

6.5CVSS6.5AI score0.00375EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-2191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1...

5.3CVSS5.5AI score0.00432EPSS
Exploits0References2
CVE
CVE
added 2025/08/29 3:7 p.m.26 views

CVE-2025-54877

Tuleap CVE-2025-54877 affects Community Edition <16.10.99.1754050155 and Enterprise Edition <16.9-8 and

5.3CVSS6.3AI score0.00275EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/08/29 3:7 p.m.5 views

CVE-2025-54877 Tuleap's special and always there fields permissions are not verified in cross-tracker search

Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition versions before 16.10.99.1754050155 and Tuleap Enterprise Edition versions before 16.9-8 and before 16.10-5, an attacker can access to the content of the special...

5.3CVSS6.7AI score0.00275EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/08/29 12:0 a.m.6 views

PT-2025-35223

Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.10.99.1754050155 Tuleap Enterprise Edition versions prior to 16.9-8 Tuleap Enterprise Edition versions prior to 16.10-5 Description: Tuleap is an Open Source Suite created to facilitate management...

5.3CVSS6.3AI score0.00275EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-6682

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from...

6.5CVSS5.3AI score0.00745EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-3092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. A payload...

8.7CVSS5.7AI score0.00512EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-1451

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.1. A crafted payload added to the user profile page could lea...

8.7CVSS7.9AI score0.51467EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-2434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions of GitLab CE/EE 16.9 prior to 16.9.6, 16.10 prior to 16.10.4, and 16.11 prior to 16.11.1 where pat...

8.5CVSS7.2AI score0.22889EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/07/29 12:0 a.m.4 views

Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition 安全漏洞

Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition are both an open source suite from Enalean Open Source designed to improve the management of software development and collaboration. A security vulnerability exists in Enalean Tuleap Community Edition prior to 16.9.99.17525856...

4.3CVSS6.3AI score0.00302EPSS
Exploits1References5
Patchstack
Patchstack
added 2025/07/16 4:10 a.m.7 views

WordPress Malcure Malware Scanner plugin <= 17.0 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability

Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Malcure Malware Scanner versions = 17.0...

8.1CVSS6.8AI score0.00537EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2025/06/02 12:0 a.m.7 views

openSUSE Security Advisory (SUSE-SU-2025:01766-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.1AI score0.00612EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/05/31 12:0 a.m.2 views

SUSE SLES12: postgresql16 / postgresql16-contrib / postgresql16-devel / etc (SUSE-SU-2025:01767-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:01767-1 advisory. Upgrade to 16.9: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation...

5.9CVSS6.6AI score0.00612EPSS
Exploits0References4
OSV
OSV
added 2025/05/30 3:33 p.m.3 views

SUSE-SU-2025:01782-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: Upgrade to 16.9: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/16.9/...

5.9CVSS5.8AI score0.00612EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/05/30 7:45 a.m.4 views

Security update for postgresql16

This update for postgresql16 fixes the following issues: Upgrade to 16.9: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/16.9/ Patch Instructions: To...

5.9CVSS6AI score0.00612EPSS
Exploits0References4
OSV
OSV
added 2025/05/30 7:45 a.m.1 views

SUSE-SU-2025:01766-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: Upgrade to 16.9: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/16.9/...

5.9CVSS5.8AI score0.00612EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:59 a.m.6 views

CVE-2024-1299

A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16.8.4 and 16.9 prior to 16.9.2. It was possible for a user with custom role of managegroupaccesstokens to rotate group access tokens with owner privileges...

8.1CVSS6.8AI score0.0054EPSS
Exploits1References1
OSV
OSV
added 2025/05/08 3:15 p.m.6 views

AZL-61736 CVE-2025-4207 affecting package postgresql for versions less than 16.9-1

Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13,...

5.9CVSS6.8AI score0.00612EPSS
Exploits0References1
OSV
OSV
added 2025/05/08 3:15 p.m.9 views

AZL-74894 CVE-2025-4207 affecting package rust 1.90.0-3

Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13,...

5.9CVSS7.2AI score0.00612EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/16 12:0 a.m.5 views

GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Enterprise Edition EE and GitLab Community...

5.3CVSS6.3AI score0.0041EPSS
Exploits1References2
Rows per page
Query Builder