Security Bulletin: Issue in RCE in PCOMM Service through unprotected named pipe

Summary There is a vulnerability in IBM Personal Communications PCOMM. Personal Communications has addressed the applicable CVE through version update. Vulnerability Details CVEID:CVE-2024-25029 DESCRIPTION: IBM Personal Communications 15.0.1 includes a Windows service that is vulnerable to remot...

Vulnerability fixed in IBM Personal Communications

IBM has fixed a vulnerability in Personal Communications PCOMM. The vulnerability is located in an underlying Windows component and allows a malicious person to afford granted elevated privileges and execute code with privileges of SYSTEM. IBM has released updates to fix the vulnerability in...

GitLab 13.3 < 13.12.9 / 14.0 < 14.0.7 / 14.1 < 14.1.2 (CVE-2021-22250)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper authorization in GitLab CE/EE affecting all versions since 13.3 allowed users to view and delete impersonation tokens that administrators created for their account CVE-2021-22250 Note that...

UBUNTU-CVE-2021-22237

Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git actions even if impersonation is disabled. This vulnerability is present in GitLab CE/EE versions before 13.12.9, 14.0.7, 14.1.2...