Lucene search
K

55 matches found

OSV
OSV
added 2026/01/28 8:11 p.m.7 views

CVE-2026-24742 Discourse staff action logs expose sensitive information to moderators

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, non-admin moderators can view sensitive information in staff action logs that should be restricted to administrators only. The exposed information includes webhook payload URLs and...

6.5CVSS5.8AI score0.00255EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/28 12:0 a.m.9 views

PT-2026-5212

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 3.5.4 Discourse versions prior to 2025.11.2 Discourse versions prior to 2025.12.1 Discourse versions prior to 2026.1.0 Description Discourse is an open source discussion platform. Non-admin moderators can view...

6.5CVSS5.8AI score0.00255EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-51695

Malicious code in bioql PyPI...

5.5CVSS4.7AI score0.00731EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-12839

Malicious code in bioql PyPI...

5.5CVSS5AI score0.00731EPSS
Exploits0References3
Snyk
Snyk
added 2025/09/30 6:32 p.m.2 views

Improper Check or Handling of Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check or Handling of Exceptional Conditions in the /api/webhook endpoint. An attacker can cause the server process to crash by sending an Azure DevOps Push event with an empty resource.refUpdates array. Note: This is only...

8.7CVSS6.9AI score0.00549EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-4342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 before 15.5.7, all versions starting from 15.6 before 15.6.4, all version...

5.5CVSS5AI score0.00731EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-2620

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions...

5.5CVSS5AI score0.00549EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:59 p.m.5 views

CVE-2022-4342

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak masked webhook secrets by changing target URL of the webhook...

5.5CVSS6.4AI score0.00731EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/06/29 12:0 a.m.42 views

Gitlab -- Vulnerabilities

Gitlab reports: ReDoS via EpicReferenceFilter in any Markdown fields New commits to private projects visible in forks created while project was public New commits to private projects visible in forks created while project was public Maintainer can leak masked webhook secrets by manipulating URL...

7.5CVSS7.1AI score0.00905EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/05 12:0 a.m.7 views

CVE-2023-0838

An issue has been discovered in GitLab affecting versions starting from 15.1 before 15.8.5, 15.9 before 15.9.4, and 15.10 before 15.10.1. A maintainer could modify a webhook URL to leak masked webhook secrets by adding a new parameter to the url. This addresses an incomplete fix for CVE-2022-4342...

5.5CVSS4.8AI score0.00731EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/31 12:0 a.m.5 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab Community Edition and GitLab Enterpri...

5.5CVSS5AI score0.00731EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/02/08 12:0 a.m.22 views

GitLab < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-4342)

The version of GitLab installed on the remote host is prior to 15.5.7, 15.6.4, 15.7.2. It is, therefore, affected by an information disclosure vulnerability as referenced in the SECURITY-RELEASE-GITLAB-15-7-2-RELEASED advisory. - An issue has been discovered in GitLab CE/EE affecting all versions...

5.5CVSS5.1AI score0.00731EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/01/12 4:15 a.m.24 views

CVE-2022-4342

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak masked webhook secrets by changing target URL of the webhook...

5.5CVSS5.8AI score0.00731EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/01/12 12:0 a.m.8 views

CVE-2022-4342

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak masked webhook secrets by changing target URL of the webhook...

5.5CVSS6.8AI score0.00731EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2023/01/12 12:0 a.m.21 views

CVE-2022-4342

Removed by vendor...

5.5CVSS5.8AI score0.00731EPSS
Exploits0
Rows per page
Query Builder