42 matches found
Design/Logic Flaw
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. A malicious developer could exfiltrate an integration's access token by modifying the integration URL...
CVE-2022-1426
An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly authenticating a user that had some certain amount of information which allowed ...
PT-2021-14921 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 12.6 and later Description: A potential DOS issue was discovered due to the lack of pagination in the dependencies API. Recommendations: For GitLab EE version 12.6 and later, consider implementing pagination in the...
Security fix for the ALT Linux 9 package postgresql12-1C version 12.6-alt1.M90P.1
12.6-alt1.M90P.1 built May 24, 2021 Alexei Takaseev in task 272061 May 18, 2021 Alexei Takaseev - Fixes CVE-2021-32027, CVE-2021-32028, CVE-2021-32029...
Security fix for the ALT Linux 10 package postgresql15-1C version 12.6-alt2
May 17, 2021 Alexei Takaseev 12.6-alt2 - Fixes CVE-2021-32027, CVE-2021-32028, CVE-2021-32029...
SUSE: Security Advisory (SUSE-SU-2021:0695-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Race condition
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Under a special condition it was possible to access data of an internal repository through a public project fork as an anonymous user...
UBUNTU-CVE-2021-22200
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Under a special condition it was possible to access data of an internal repository through a public project fork as an anonymous user...
DEBIAN-CVE-2021-3393
An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. A...
Security update for postgresql12 (moderate)
openSUSE Security Update: Security update for postgresql12 Announcement ID: openSUSE-SU-2021:0423-1 Rating: moderate References: 1179765 1182040 Cross-References: CVE-2021-3393 CVSS scores: CVE-2021-3393 SUSE: 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Leap 15.2 ...
SUSE SLES15 Security Update : postgresql12 (SUSE-SU-2021:0695-1)
This update for postgresql12 fixes the following issues : Upgrade to version 12.6 : Reindexing might be needed after applying this update. CVE-2021-3393, bsc1182040: Fix information leakage in constraint-violation error messages. Note that Tenable Network Security has extracted the preceding...
PostgreSQL < 9.5.25, 9.6.x < 9.6.21, 10.x < 10.16, 11.x < 11.11, 12.x < 12.6, 13.x < 13.2 Information Disclosure Vulnerability - Windows
PostgreSQL is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PostgreSQL < 9.5.25, 9.6.x < 9.6.21, 10.x < 10.16, 11.x < 11.11, 12.x < 12.6, 13.x < 13.2 Information Disclosure Vulnerability - Linux
PostgreSQL is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2021:0544-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: Upgrade to version 12.6: - Reindexing might be needed after applying this update. - CVE-2021-3393, bsc1182040: Fix information leakage in constraint-violation error messages...
Security fix for the ALT Linux 9 package postgresql12 version 12.6-alt0.M90P.1
12.6-alt0.M90P.1 built Feb. 19, 2021 Alexei Takaseev in task 266186 Feb. 11, 2021 Alexei Takaseev - 12.6 Fixes CVE-2021-3393...
PT-2020-13495 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.6 through 13.3.8 Description: A potential DOS issue was discovered in GitLab CE/EE. The container registry name check could cause an exponential number of backtracks for certain user-supplied values, resulting in high...
Unnamed Vulnerability in GitLab (CNVD-2021-19415)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions 12.6...
Cross-site scripting in Sakai
Sakai through 12.6 allows XSS via a chat user name...
Race condition
A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol LLDP implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service DoS...
CVE-2019-1684
A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol LLDP implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service DoS...