CVE-2020-5833

Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program...

PT-2024-2988 · Siemens · Teamcenter Visualization +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V2312.0004 Parasolid V35.1 versions prior to V35.1.254 Parasolid V36.0 versions prior to V36.0.207 Parasolid V36.1 versions prior to V36.1.147 Teamcenter Visualization V14.2 versions prior to V14.2.0.12 Teamcenter...

BIT-GITLAB-2021-39909

Lack of email address ownership verification in the CODEOWNERS feature in all versions of GitLab EE starting from 11.3 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 allows an attacker to bypass CODEOWNERS Merge Request approval...

Apple Mac OS X Security Update (HT214061)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-3993 Insertion of Sensitive Information into Log File in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. Access tokens may have been logged when a query was made to a specific endpoint...

CVE-2023-3993 Insertion of Sensitive Information into Log File in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. Access tokens may have been logged when a query was made to a specific endpoint...

PT-2023-22232 · Progress · Progress Sitefinity

Name of the Vulnerable Software and Affected Versions: Progress Sitefinity versions 13.3 through 13.3.7646 Progress Sitefinity versions 14.0 through 14.0.7735 Progress Sitefinity versions 14.1 through 14.1.7825 Progress Sitefinity versions 14.2 through 14.2.7929 Progress Sitefinity versions 14.3...

XWiki 14.3-rc-1 < 14.4.6, 14.5.x < 14.9 Exposed Dangerous Class Vulnerability (GHSA-8692-g6g9-gm5p)

Xwiki is prone to an exposed dangerous class vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

CVE-2023-26478

XWiki Platform is a generic wiki platform. Starting in version 14.3-rc-1, org.xwiki.store.script.TemporaryAttachmentsScriptServiceuploadTemporaryAttachment returns an instance of com.xpn.xwiki.doc.XWikiAttachment. This class is not supported to be exposed to users without the programing right...

GitLab 14.3.x < 15.6.7, 15.7.x < 15.7.6, 15.8.x < 15.8.1 DoS Vulnerability

GitLab is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

GitLab 14.3 < 15.6.7 / 15.7 < 15.7.6 / 15.8 < 15.8.1 (CVE-2022-3759)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An...

PT-2023-1434 · Symantec · Symantec Endpoint Protection

Name of the Vulnerable Software and Affected Versions: Symantec Endpoint Protection versions prior to 14.3 RU6 14.3.9210.6000 Description: The issue is related to insufficient access control in Symantec Endpoint Protection, which may allow an attacker to elevate their privileges. This could enabl...

XWiki 1.0 < 13.10.6, 14.0 < 14.3 XSS Vulnerability (GHSA-mxf2-4r22-5hq9)

Xwiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

XWiki < 13.10.5, < 14.3 Improper Authorization Vulnerability (GHSA-jgc8-gvcx-9vfx)

Xwiki is prone to an improper authorization vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

CVE-2022-36095

XWiki Platform is a generic wiki platform. Prior to versions 13.10.5 and 14.3, it is possible to perform a Cross-Site Request Forgery CSRF attack for adding or removing tags on XWiki pages. The problem has been patched in XWiki 13.10.5 and 14.3. As a workaround, one may locally modify the...

CVE-2022-36096 XWiki Platform vulnerable to Cross-site Scripting in the deleted attachments list

The XWiki Platform Index UI is an Index of all pages, attachments, orphans and deleted pages and attachments for XWiki Platform, a generic wiki platform. Prior to versions 13.10.6 and 14.3, it's possible to store JavaScript which will be executed by anyone viewing the deleted attachments index wi...

XWiki Platform 跨站脚本漏洞

XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from the French company XWiki. A security vulnerability exists in the XWiki Platform Index UI prior to version 13.10.6 and prior to version 14.3, which stems from the ability to store JavaScript that can be...

GitLab 0.8.x < 14.2.6, 14.3.x < 14.3.4, 14.4.x < 14.4.1 Code Injection Vulnerability.

GitLab is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if description...

CVE-2022-1783

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. It may be possible for malicious group maintainers to add new members to a project within their...

Security fix for the ALT Linux 10 package postgresql14 version 14.3-alt1

14.3-alt1 built May 13, 2022 Alexei Takaseev in task 299787 May 11, 2022 Alexei Takaseev - 14.3 Fixes CVE-2022-1552...