88 matches found
CVE-2026-27705
Plane is an an open-source project management tool. Prior to version 1.2.2, the ProjectAssetEndpoint.patch method in apps/api/plane/app/views/asset/v2.py lines 579–593 performs a global asset lookup using only the asset ID pk via FileAsset.objects.getid=pk, without verifying that the asset belong...
EUVD-2016-3372
Malware in sbrugna...
EUVD-2019-11019
Malware in sbrugna...
EUVD-2012-5973
Malware in sbrugna...
EUVD-2013-4460
Malware in sbrugna...
EUVD-2011-4243
Malware in sbrugna...
EUVD-2015-3043
Malware in sbrugna...
EUVD-2021-2410
Malware in sbrugna...
EUVD-2014-0817
Malware in sbrugna...
EUVD-2020-29289
Malware in sbrugna...
EUVD-2011-4234
Malware in sbrugna...
EUVD-2025-19171
Malicious code in bioql PyPI...
EUVD-2022-3224
Malicious code in bioql PyPI...
EUVD-2022-3494
Malicious code in bioql PyPI...
EUVD-2022-4519
Malicious code in bioql PyPI...
EUVD-2022-24771
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2013-1830
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not enforce the forceloginforprofiles setting, which...
Linux Distros Unpatched Vulnerability : CVE-2024-0861
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions starting from 16.4 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions...
CVE-2025-5315
An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed...
CVE-2025-5315 Missing Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated users with Guest role permissions to add child items to incident work items by sending crafted API requests that bypassed...