Lucene search
+L

2505 matches found

OSV
OSV
added 2019/09/09 8:15 p.m.19 views

CVE-2019-6782

An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows Information Disclosure issue 1 of 6. An authorization issue allows the contributed project information of a private profile to be viewed...

7.5CVSS6AI score
Exploits0References2
CVE
CVE
added 2019/09/09 7:17 p.m.146 views

CVE-2019-6782

CVE-2019-6782 affects GitLab CE/EE prior to certain 11.x releases and allows an information disclosure where contributed project information from a private profile could be viewed due to an authorization issue. The connected documents confirm the exact affected branches/versions (11.5.8, 11.6.x b...

7.5CVSS7AI score0.0178EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2019/09/09 7:15 p.m.25 views

CVE-2019-11548

An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9. It has Incorrect Access Control. Unprivileged members of a project are able to post comments on confidential issues through an authorization issue in the note endpoint...

5.4CVSS5.2AI score0.00715EPSS
Exploits1References2
CVE
CVE
added 2019/09/09 6:52 p.m.83 views

CVE-2019-11548

CVE-2019-11548 affects GitLab Community and Enterprise Edition prior to 11.8.9. The vulnerability is an Incorrect Access Control in the note endpoint, allowing unprivileged project members to post comments on confidential issues due to an authorization issue. Impact is exposure/writes to comments...

5.4CVSS5.3AI score0.00715EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2019/09/09 6:15 p.m.16 views

CVE-2019-5463

An authorization issue was discovered in the GitLab CE/EE CI badge images endpoint which could result in disclosure of the build status. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6...

5.3CVSS6.5AI score
Exploits0References2
OSV
OSV
added 2019/09/09 6:15 p.m.13 views

UBUNTU-CVE-2019-5463

An authorization issue was discovered in the GitLab CE/EE CI badge images endpoint which could result in disclosure of the build status. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6...

5.3CVSS6AI score0.01911EPSS
Exploits1References3
CVE
CVE
added 2019/09/09 5:44 p.m.68 views

CVE-2019-5463

The issue CVE-2019-5463 affects GitLab CE/EE CI badge images endpoint. The root cause is an authorization flaw that could disclose build status. The PT Security disclosure lists affected versions and fixes: GitLab CE/EE prior to 11.11.6 are vulnerable; update to 11.11.6 or later. For versions pri...

5.3CVSS5AI score0.01911EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2019/09/09 12:0 a.m.6 views

Silver Peak Systems EdgeConnect SD-WAN License Issue Vulnerability

Silver Peak Systems EdgeConnect SD-WAN is a suite of software-defined, wide-area networking platforms from Silver Peak Systems, USA. The platform provides path conditioning, application classification, routing and virtual WAN overlay. An authorization issue vulnerability exists in Silver Peak...

9.8CVSS6.8AI score0.0154EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/09/09 12:0 a.m.8 views

PT-2019-17691 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 11.11.6 GitLab CE/EE versions prior to 12.0.4 GitLab CE/EE versions prior to 12.1.2 Description: An authorization issue was discovered in the GitLab CE/EE CI badge images endpoint, which could result in disclosu...

5.3CVSS4.9AI score0.01911EPSS
Exploits1References9
CNVD
CNVD
added 2019/09/05 12:0 a.m.2 views

BD Pyxis Authorization Issues Vulnerability

BD Pyxis is a medication management system from BD Medical BD. An authorization issue vulnerability exists in BD Pyxis ES versions 1.3.4 through 1.6.1 and Pyxis Enterprise Server Windows Server versions 4.4 through 4.12, which can be exploited by an attacker to gain access to a previous user's...

8.8CVSS6.8AI score0.01288EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/03 12:0 a.m.7 views

GitLab Authorization Issues Vulnerability (CNVD-2019-31314)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An authorization issue vulnerability exists in GitLab...

5.5CVSS7AI score0.00755EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/27 12:0 a.m.7 views

WordPress wp-support-plus-responsive-ticket-system plugin authorization issue vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-support-plus-responsive-ticket-system is a ticket system plugin used in it. An authorization issue vulnerability exists in WordPres...

9.8CVSS6.9AI score0.02217EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/23 12:0 a.m.3 views

CloudBees Jenkins Nomad Plugin Authorization Issues Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . OctopusDeploy Plugin is used in which a...

6.5CVSS6.9AI score0.01536EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/23 12:0 a.m.6 views

CloudBees Jenkins Netsparker Cloud Scan Plugin Authorization Issues Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . Netsparker Cloud Scan Plugin is used in one of...

6.5CVSS6.9AI score0.01536EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/23 12:0 a.m.6 views

CloudBees Jenkins VMware Lab Manager Slaves Plugin Authorization Issue Vulnerability (CNVD-2019-30405)

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. The product is mainly used to monitor continuous software version release/testing projects and some timed tasks.VMware Lab Manager Slaves Plugin is used in which a plugin for controlling virtual...

6.5CVSS6.9AI score0.01536EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/23 12:0 a.m.5 views

CloudBees Jenkins Audit to Database Plugin Authorization Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Audit to Database Plugin is used in which a...

6.5CVSS6.9AI score0.01486EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/23 12:0 a.m.6 views

CloudBees Jenkins FTP publisher Plugin Authorization Issues Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/testing project and some timed tasks . FTP publisher Plugin is used in one of...

6.5CVSS6.9AI score0.01486EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/23 12:0 a.m.6 views

CloudBees Jenkins Gearman Plugin Authorization Issues Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Gearman Plugin is used in one of the highly...

6.5CVSS6.9AI score0.01486EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/23 12:0 a.m.6 views

CloudBees Jenkins Zephyr Enterprise Test Management Plugin Authorization Issue Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. CloudBees. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . Zephyr Enterprise Test Management Plugin is used in one of...

6.5CVSS6.8AI score0.01536EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/23 12:0 a.m.5 views

CloudBees Jenkins Kmap Plugin Authorization Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software release/testing projects and some timed tasks . Kmap Plugin is used in one of the application release...

6.5CVSS6.9AI score0.01486EPSS
Exploits0References1
Rows per page
Query Builder