EUVD-2026-30226

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to view Jira issues outside the configured project scope due to an integration filter functioning only as a...

QNAP Systems QTS和QNAP Systems QuTS hero 代码问题漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems.QNAP Systems QTS is an entry operating system.QNAP Systems QuTS hero is an operating system. A code issue vulnerability exists in QNAP Systems QTS prior to version 5.2.1.2930 build 20241025 and...

CVE-2023-22476 MantisBT: Exposure of Private issues' summary to unauthorized users

Mantis Bug Tracker MantisBT is an open source issue tracker. In versions prior to 2.25.6, due to insufficient access-level checks, any logged-in user allowed to perform Group Actions can access to the Summary field of private Issues i.e. having Private view status, or belonging to a private Proje...

CVE-2021-22188

An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in Gitlab were readable by an unauthorised user via branch logs...

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Improper Certificate Validation for Fortinet OTP Denial of Service Attack on gitlab-shell Resource exhaustion due to pending jobs Confidential issue titles were exposed Improper access control allowed demoted project members to access authored merge requests Improper access contro...

Atlassian Jira Tempo Core system plugin information disclosure vulnerability (CNVD-2019-32342)

Atlassian Jira is a defect tracking management system from the Australian company Atlassian. The system is used to track and manage all types of issues and defects in the workplace.Tempo Core system plugin is a project management tool plugin from Icelandic company Tempo that is used in the system...