87 matches found
CVE-2026-8472 Missing Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 18.9 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with minimal access permissions to read work item metadata from private projects due to...
EUVD-2026-42405
GitLab has remediated an issue in GitLab EE affecting all versions from 18.9 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with minimal access permissions to read work item metadata from private projects due to...
CVE-2026-8472
CVE-2026-8472 affects GitLab Enterprise Edition and reports a privilege/authorization issue where an authenticated user with minimal access could read work item metadata from private projects. The root cause is missing authorization checks, enabling unintended metadata access. Affected versions i...
SUSE CVE-2026-53097
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix use-after-free bugs in mt7996macdumpwork When the mt7996 pci chip is detaching, the mt7996crashdata is released in mt7996coredumpunregister. However, the work item dumpwork may still be running or pending,...
PT-2026-50428
Name of the Vulnerable Software and Affected Versions Plane CE version 1.3.1 Description A low-privileged project member can submit arbitrary HTML and JavaScript via the description html field. This occurs when creating an intake work item through the 'API v1 intake' endpoint. Recommendations At...
CVE-2026-5712
This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing...
CVE-2026-45898
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA Internet Wide Area RDMA Protocol iWARP subsystem. Incorrect work submission logic in the iwcm component can lead to multiple queueing of work items. This allows a work item to be processed and freed while still present in the...
PT-2026-43722
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the libata-scsi SAT implementation where non-NCQ Native Command Queuing commands can suffer from starvation. When a non-NCQ command is issued while NCQ commands are...
CVE-2026-5712
This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing...
CVE-2026-5712 IdentityIQ Role Editor Incorrect Authorization Vulnerability
This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing...
CVE-2026-5712
This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing...
CVE-2026-5712 IdentityIQ Role Editor Incorrect Authorization Vulnerability
This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing...
EUVD-2026-26260
This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing...
PT-2026-35962
Name of the Vulnerable Software and Affected Versions IdentityIQ affected versions not specified Description An authenticated identity acting as the requestor or assignee of a work item can edit a role definition without possessing the required capability for role editing. Recommendations At the...
CVE-2026-31548 wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel pmsrfreewk in cfg80211pmsrwdevdown When the nl80211 socket that originated a PMSR request is closed, cfg80211releasepmsr sets the request's nlportid to zero and schedules pmsrfreewk to process the abort...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue with the delayed work item otgevent in the fslotgremove function, which could lea...
CVE-2023-54071 wifi: rtw88: use work to update rate to avoid RCU warning
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: use work to update rate to avoid RCU warning The ieee80211ops::starcupdate must be atomic, because ieee80211chanbwchange holds rcuread lock while calling drvstarcupdate, so create a work to do original things...
Linux Distros Unpatched Vulnerability : CVE-2025-40171
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet-fc: move lsop put work to nvmetfclsreqop It's possible for more than one async command to be in flight from nvmetfcsendlsreq. For each command, a tgtport...
CVE-2025-40007
CVE-2025-40007 — Linux kernel netfs reference leak (concrete details) The issue is in netfs: fix reference leak inside the Linux kernel’s netfs code. A commit (20d72b00ca81) changed netfs_alloc_request() to initialize the reference counter to 2 instead of 1, under the assumption that the request’...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a cyclic delayed work-item leading to reuse after release, which could lead to memory corruption...