17 matches found
EUVD-2025-24597
Malicious code in bioql PyPI...
BIT-GITLAB-2024-10219 Incorrect Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 15.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that under certain conditions could have allowed authenticated users to bypass access controls and download private artifacts by accessing specific API endpoints...
GitLab 11.6 < 18.0.6 / 18.1 < 18.1.4 / 18.2 < 18.2.2 (CVE-2025-2614)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial ...
UBUNTU-CVE-2025-2937
An issue has been discovered in GitLab CE/EE affecting all versions from 13.2 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to create a denial of service condition by sending specially crafted markdown payloads to the Wiki feature...
CVE-2025-1477 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 8.14 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an unauthenticated user to create a denial of service condition by sending specially crafted payloads to specific integration API endpoin...
CVE-2025-2614
Removed by vendor...
CVE-2025-2937
Removed by vendor...
Linux Distros Unpatched Vulnerability : CVE-2025-4700
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under specific...
CVE-2025-4700
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under specific circumstances, could have potentially allowed a successful attacker to trigger unintended content rendering leading to XSS...
UBUNTU-CVE-2025-1299
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18.0.5, all versions starting from 18.1 before 18.1.3, all versions starting from 18.2 before 18.2.1 that, under circumstances, could have allowed an unauthorized user to read deployment job logs by...
CVE-2025-4700
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under specific circumstances, could have potentially allowed a successful attacker to trigger unintended content rendering leading to XSS...
CVE-2023-3398
Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...
SUSE CVE-2024-31852
LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...
LLVM security vulnerability
LLVM is a toolkit for building highly optimized compilers, optimizers, and runtime environments. A security vulnerability exists in LLVM versions prior to 18.1.3 that stems from an error in assembly code generation...
PT-2024-4418 · Clang +2
Name of the Vulnerable Software and Affected Versions: LLVM versions prior to 18.1.3 Description: The issue is related to a buffer overflow in memory when handling the LR register connection due to incorrect code generation management. This can lead to an exploitable error in the flow of control,...
CVE-2023-3398
Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3...
drawio resource management error vulnerability
JGraph drawio is a JavaScript client editor from JGraph. A resource management error vulnerability exists in versions of drawio prior to 18.1.3, which stems from an upload of a large file causing a system denial of service...