12 matches found
MiracleLinux 7 : kernel-3.10.0-1160.80.1.el7 (AXSA:2022-4024:16)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4024:16 advisory. a use-after-free in clsroute filter implementation may lead to privilege escalation CVE-2022-2588 RetBleed Arbitrary Speculative Code Execution with...
EUVD-2022-42684
Malicious code in bioql PyPI...
CVE-2022-3288
A branch/tag name confusion in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to manipulate pages where the content of the default branch would be expected...
UBUNTU-CVE-2024-31142
Because of a logical error in XSA-407 Branch Type Confusion, the mitigation is not applied properly when it is intended to be used. XSA-434 Speculative Return Stack Overflow uses the same infrastructure, so is equally impacted. For more details, see: https://xenbits.xen.org/xsa/advisory-407.html...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
RLSA-2022:7110 Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A use-after-free in clsroute filter implementation may lead to privilege escalation CVE-2022-2588 Information leak in scsiioctl CVE-2022-0494 A kernel-info-leak issue in pfkeyregister CVE-2022-13...
CVE-2022-3288
A branch/tag name confusion in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to manipulate pages where the content of the default branch would be expected...
CVE-2022-3288
A branch/tag name confusion in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to manipulate pages where the content of the default branch would be expected...
PT-2022-21546 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 15.2.5 GitLab CE/EE versions 15.3 prior to 15.3.4 GitLab CE/EE versions 15.4 prior to 15.4.1 Description: A branch/tag name confusion issue allows an attacker to manipulate pages where the content of the default...
CVE-2022-3288
A branch/tag name confusion in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to manipulate pages where the content of the default branch would be expected...
The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the disclosure of information in the error-prone data area, allows a perpetrator to gain access to confidential data.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to confusion between tag names and branches. Exploiting this vulnerability allows a malicious actor to gain access to confidential data...
PT-2021-6602 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.7 and later Description: The issue is related to a confusion between tag and branch names in GitLab, allowing a remote attacker to access confidential data. Specifically, it enables a Developer to access protected CI...