25 matches found
EUVD-2026-32617
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to access CI data from a different ref type than intended...
CVE-2026-3343
A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript in the context of an authenticated management user's browser when they click on a specially crafted link. This vulnerability affects Fireware OS 12.7 up to and including 12.11.7...
EUVD-2023-51886
Malicious code in bioql (PyPI)...
EUVD-2024-29285
Malicious code in bioql (PyPI)...
WordPress Ultimate Membership Pro Plugin <= 12.7 is vulnerable to Privilege Escalation
Software: Ultimate Membership Pro; Type: Plugin; Vulnerable versions: <= 12.7; Fixed in: 12.8; OWASP Top 10: A7: Identification and Authentication Failures; Classification: Privilege Escalation; CVE: CVE-2024-43240; Patch priority: High; CVSS severity: High (9.4); PSID: cfa9ba3d1675; Credits...
MihanPanel < 12.7 - Cross-Site Request Forgery
Description The MihanPanel plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to 12.7. This is due to missing or incorrect nonce validation on the delete and deleteall cases. This makes it possible for unauthenticated attackers to delete IP addresses from the blocked...
BIT-GITLAB-2020-10083
GitLab 12.7 through 12.8.1 has Insecure Permissions. Under certain conditions involving groups, project authorization changes were not being applied...
PT-2024-14243 · WordPress · Wp Review Slider
Name of the Vulnerable Software and Affected Versions: WP Review Slider versions n/a through 12.7. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...
WordPress WP Review Slider Plugin <= 12.7 is vulnerable to Cross Site Scripting (XSS)
Software: WP Review Slider; Type: Plugin; Vulnerable versions: <= 12.7; Fixed in: 12.8; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-51685; Patch priority: Low; CVSS severity: Low (5.9); PSID: 9c963c631331; Credits: emad; Required privilege: Administrator...
WordPress Jetpack Plugin < 12.7 is vulnerable to Clickjacking
Software: Jetpack; Type: Plugin; Vulnerable versions: < 12.7; Fixed in: 12.7; OWASP Top 10: A3: Injection; Classification: Clickjacking; CVE: CVE-2023-47774; Patch priority: Low; CVSS severity: Low (5.4); PSID: 18fefcc21cac; Credits: Rafie Muhammad Patchstack; Required privilege: Contributor...
Apple Mac OS X Security Updates (HT213932)
Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL12-2023-004)
The version of postgresql installed on the remote host is prior to 12.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL12-2023-004 advisory. A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let...
GitLab 12.7.x < 14.5.4, 14.6.x < 14.6.4, 14.7.x < 14.7.1 Improper Access Vulnerability.
GitLab is prone to an improper access vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if descripti...
Security fix for the ALT Linux 9 package postgresql12-1C version 12.7-alt0.M90P.3
12.7-alt0.M90P.3 built Dec. 3, 2021 Alexei Takaseev in task 289302; Nov. 10, 2021 Alexei Takaseev - Fixes CVE-2021-23214, CVE-2021-23222...
Security fix for the ALT Linux 9 package postgresql12-1C version 12.7-alt0.M90P.2
12.7-alt0.M90P.2 built Aug. 23, 2021 Alexei Takaseev in task 282411; Aug. 11, 2021 Alexei Takaseev - Fixes CVE-2021-3677...
ALSA-2021:2372 Important: postgresql:12 security update
PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream version: postgresql (12.7). Security Fixes: postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027); postgresql: Memory...
Security fix for the ALT Linux 8 package postgresql12 version 12.7-alt0.M80P.1
12.7-alt0.M80P.1 built June 4, 2021 Alexei Takaseev in task 272119; May 19, 2021 Alexei Takaseev - 12.7 Fixes CVE-2021-32027, CVE-2021-32028, CVE-2021-32029...
Security fix for the ALT Linux 9 package postgresql12 version 12.7-alt0.M90P.1
12.7-alt0.M90P.1 built May 24, 2021 Alexei Takaseev in task 272061; May 18, 2021 Alexei Takaseev - 12.7 Fixes CVE-2021-32027, CVE-2021-32028, CVE-2021-32029...
PT-2021-3135 · Postgresql +9 · Postgresql +9
Name of the Vulnerable Software and Affected Versions: postgresql versions prior to 13.3; postgresql versions prior to 12.7; postgresql versions prior to 11.12; postgresql versions prior to 10.17; postgresql versions prior to 9.6.22. Description: A flaw was found in postgresql that allows authenticate...
CVE-2020-25833
Persistent cross-site scripting vulnerability in the Micro Focus IDOL product, affecting all versions prior to version 12.7. The vulnerability could be exploited to perform a persistent XSS attack...