2349 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-39361
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graphview.php. Sin...
Linux Distros Unpatched Vulnerability : CVE-2017-1000031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in graphtemplatesinputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graphtemplateinputid a...
Linux Distros Unpatched Vulnerability : CVE-2021-39915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4....
Linux Distros Unpatched Vulnerability : CVE-2020-26413
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email...
Linux Distros Unpatched Vulnerability : CVE-2019-16723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Cacti through 1.2.6, authenticated users may bypass authorization checks for viewing a graph via a direct graphjson.php request with a modified localgraphid...
Linux Distros Unpatched Vulnerability : CVE-2023-37543
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a...
Linux Distros Unpatched Vulnerability : CVE-2024-52763
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS vulnerability in the component /graphallperiods.php of Ganglia-web v3.73 to v3.75 allows attackers to execute arbitrary web scripts o...
FreeBSD : Gitlab -- vulnerabilities (d7b7e505-8486-11f0-9d03-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d7b7e505-8486-11f0-9d03-2cf05da270f3 advisory. Gitlab reports: Allocation of Resources Without Limits issue in import function impacts GitLab...
CVE-2025-2246
An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have allowed unauthenticated users to access sensitive manual CI/CD variables by querying the GraphQL API...
CVE-2025-4225 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 14.1 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that that under certain conditions could have allowed an unauthenticated attacker to cause a denial-of-service condition affecting all users by sending specially...
CVE-2025-4225 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 14.1 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that that under certain conditions could have allowed an unauthenticated attacker to cause a denial-of-service condition affecting all users by sending specially...
graph-rag-poc
Graph RAG Pipeline - Proof of Concept A locally-executable Gr...
Linux Distros Unpatched Vulnerability : CVE-2025-26520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an...
Linux Distros Unpatched Vulnerability : CVE-2024-4472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3...
Linux Distros Unpatched Vulnerability : CVE-2023-39514
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2023-0921
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated...
Linux Distros Unpatched Vulnerability : CVE-2025-24367
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation and graph template functionality to...
SIExVulTS: Sensitive Information Exposure Vulnerability Detection System Using Transformer Models and Static Analysis
Sensitive Information Exposure SIEx vulnerabilities CWE-200 remain a persistent and under-addressed threat across software systems, often leading to serious security breaches. Existing detection tools rarely target the diverse subcategories of CWE-200 or provide context-aware analysis of code-lev...
Linux Distros Unpatched Vulnerability : CVE-2023-2478
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.9.7, all versions starting from 15.10 before 15.10.6, all...
Exploit for Improper Handling of Exceptional Conditions in Apache Struts
PoC: Apache Struts2 CVE-2017-5638 Safe Educational Demo...