Lucene search

9 matches found

ICS
added 2025/10/23 12:00 a.m., 3 views

Frontier Airlines website publicly available email address validation

RISK EVALUATION: The Frontier Airlines website has a publicly available endpoint that validates whether an email address is associated with an account. An unauthenticated, remote attacker could determine valid email addresses, possibly aiding in further attacks. 2. RECOMMENDED PRACTICES: Use a...

CVSS 6.9 | AI score 7.1 | EPSS 0.00064
Exploits: 0 | References: 1
OSV
added 2025/08/05 8:33 a.m., 2 views

CLSA-2025-1754382809 Update of nss

update to CKBI 2.78 from NSS 3.113 - updated certificates: - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Entrust Root Certification Authority" - Certificate "AffirmTrust Commercial" - Certificate "AffirmTrust Networking" - Certificate "AffirmTrust Premium" - Certificate...

AI score 5.8
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 2:53 a.m., 2 views

CVE-2023-1204

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A user could use an unverified email as a public email and commit email by sending a specifically...

CVSS 4.3 | AI score 6.9 | EPSS 0.0192
Exploits: 0 | References: 1
Positive Technologies
added 2025/05/15 12:00 a.m., 3 views

PT-2025-21506 · WordPress · Sensei Lms

Name of the Vulnerable Software and Affected Versions: The Sensei LMS WordPress plugin versions prior to 4.20.0 Description: The issue allows disclosure of all users of the blog, including their email addresses, to teachers on the students page. Recommendations: For versions prior to 4.20.0, upda...

CVSS 7.5 | AI score 7.4 | EPSS 0.00179
Exploits: 1 | References: 5
FreeBSD
added 2024/01/25 12:00 a.m., 49 views

Gitlab -- vulnerabilities

Gitlab reports: Arbitrary file write while creating workspace; ReDoS in Cargo.toml blob viewer; Arbitrary API PUT requests via HTML injection in user's name; Disclosure of the public email in Tags RSS Feed; Non-Member can update MR Assignees of owned MRs...

CVSS 9.9 | AI score 7.1 | EPSS 0.4459
Exploits: 3 | References: 1
CloudLinux
added 2024/01/22 5:45 p.m., 15 views

Update of ca-certificates

update to CKBI 2.64 from NSS 3.95 - updated: - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed old certificates: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification...

AI score 7.3
Exploits: 0
OSV
added 2023/05/03 9:15 p.m., 0 views

UBUNTU-CVE-2023-1204

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A user could use an unverified email as a public email and commit email by sending a specifically...

CVSS 4.3 | AI score 5.7 | EPSS 0.0192
Exploits: 0 | References: 5
CNNVD
added 2023/05/03 12:00 a.m., 3 views

GitLab security vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. GitLab suffers from a security vulnerability that stems from the ability for...

CVSS 4.3 | AI score 5.1 | EPSS 0.0192
Exploits: 0 | References: 4
Positive Technologies
added 2023/05/03 12:00 a.m., 3 views

PT-2023-16819 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 10.1 through 15.10.7 GitLab CE/EE versions 15.11 through 15.11.6 GitLab CE/EE versions 16.0 through 16.0.1 Description: An issue has been discovered in GitLab CE/EE where a user could use an unverified email as a public...

CVSS 4.3 | AI score 6.5 | EPSS 0.0192
Exploits: 0 | References: 14