
11 matches found

OSV
added 2026/05/14 2:16 p.m., 2 views

UBUNTU-CVE-2026-6476

SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pg_createsubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

CVSS 7.2, AI score 6.1, EPSS 0.00035
Exploits: 0, References: 5

Vulnrichment
added 2026/05/14 1:0 p.m., 3 views

CVE-2026-6474 PostgreSQL timeofday() can disclose portions of server memory

Externally-controlled format string in PostgreSQL timeofday function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected...

CVSS 4.3, AI score 5.8, EPSS 0.00032
Exploits: 0, References: 1

Tenable Nessus
added 2026/05/14 12:0 a.m., 5 views

GitLab 17.10 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-1338)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Authorization Bypass Through User-Controlled Key in GitLab CVE-2026-1338 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

CVSS 4.3, AI score 5.8, EPSS 0.00011
Exploits: 0, References: 5

Cvelist
added 2026/03/25 4:33 p.m., 20 views

CVE-2026-3857 Cross-Site Request Forgery (CSRF) in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authenticated users due to insufficient CSRF protection...

CVSS 8.1, EPSS 0.00014
Exploits: 0, References: 3

Tenable Nessus
added 2025/11/25 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-10497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allow...

CVSS 7.5, AI score 8.4, EPSS 0.00077
Exploits: 0, References: 2

Positive Technologies
added 2025/10/22 12:0 a.m., 2 views

PT-2025-43134

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 17.10 through 18.3.4 GitLab CE/EE versions 18.4 through 18.4.2 GitLab CE/EE versions 18.5 through 18.5.0 Description An issue in GitLab CE/EE could allow an unauthenticated attacker to cause a denial of service condition ...

CVSS 7.8, AI score 6.7, EPSS 0.00077
Exploits: 0, References: 16

CNNVD
added 2025/09/26 12:0 a.m., 1 views

GitLab Security Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab CE and EE versions 17.10 up to and...

CVSS 6.5, AI score 6.5, EPSS 0.00009
Exploits: 0, References: 4

Tenable Nessus
added 2025/08/27 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-0639

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before...

CVSS 7.5, AI score 5.4, EPSS 0.00109
Exploits: 0, References: 2

OSV
added 2025/06/03 3:14 p.m., 4 views

BIT-GITLAB-2025-1763 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content security policy bypass in a user's browser under specific conditions, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

CVSS 8.7, AI score 6.6, EPSS 0.00042
Exploits: 1, References: 3

OSV
added 2018/12/13 2:29 p.m., 0 views

CVE-2018-7691

A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center SSC, versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access...

CVSS 6.5, AI score 5.8
Exploits: 0, References: 2

CNVD
added 2018/03/09 12:0 a.m., 1 views

Mahara Redirection Vulnerability

Mahara is a social networking system. The system includes a blog, resume builder, file manager, and more. A security vulnerability exists in Mahara versions 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 before 17.10.2. An attacker can exploit this vulnerability by performing a...

CVSS 5.9, AI score 6.7, EPSS 0.00135
Exploits: 0, References: 1