942 matches found

OSV
added 2024/07/25 5:15 a.m. · 5 views

CVE-2024-4811

In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts...

2.2 CVSS · 5.8 AI score · 0.00243 EPSS
Exploits 0 · References 1
NVD
added 2024/07/25 5:15 a.m. · 12 views

CVE-2024-4811

In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts...

2.2 CVSS · 0.00243 EPSS
Exploits 0 · References 1
Vulnrichment
added 2024/07/25 4:46 a.m. · 23 views

CVE-2024-4811

In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts...

2.2 CVSS · 6.9 AI score · 0.00243 EPSS
Exploits 0 · References 1
CVE
added 2024/07/25 4:46 a.m. · 55 views

CVE-2024-4811

CVE-2024-4811 affects Octopus Server. Affected versions expose a security issue where a user with specific role assignments can access restricted project artifacts under certain conditions. The CVSS 3.1 base score is 2.2 (LOW) with vectors: AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N; attack vector is NE...

2.2 CVSS · 7 AI score · 0.00243 EPSS
Exploits 0 · References 1 · Affected Software 1
OSV
added 2024/07/25 1:15 a.m. · 2 views

UBUNTU-CVE-2024-7057

An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where job artifacts can be inappropriately exposed to users lacking the proper authorization level...

4.3 CVSS · 5.8 AI score · 0.00372 EPSS
Exploits 0 · References 2
Debian CVE
added 2024/07/25 12:30 a.m. · 14 views

CVE-2024-7057

Removed by vendor...

4.3 CVSS · 5.8 AI score · 0.00372 EPSS
Exploits 0
Positive Technologies
added 2024/07/25 12:0 a.m. · 4 views

PT-2024-32991 · Unknown · Octopus Server

Name of the Vulnerable Software and Affected Versions: Octopus Server (affected versions not specified)
Description: The issue allows a user with specific role assignments to access restricted project artifacts under certain conditions.
Recommendations: At the moment, there is no information about ...

2.2 CVSS · 6.1 AI score · 0.00243 EPSS
Exploits 0 · References 5
CNNVD
added 2024/07/25 12:0 a.m. · 4 views

Octopus Server Security Vulnerability

Octopus Server is a deployment automation and release management tool for continuous delivery from Octopus Australia. A security vulnerability exists in Octopus Server that stems from a user with a specific role assignment having access to restricted project artifacts under certain conditions...

2.2 CVSS · 6.6 AI score · 0.00243 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2024/07/25 12:0 a.m. · 27 views

FreeBSD : Gitlab -- Vulnerabilities (24c88add-4a3e-11ef-86d7-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 24c88add-4a3e-11ef-86d7-001b217b3468 advisory. Gitlab reports: XSS via the Maven Dependency Proxy; Project level analytics settings leaked in...

4.9 CVSS · 5.5 AI score · 0.00544 EPSS
Exploits 1 · References 5
Metasploit
added 2024/07/19 7:52 p.m. · 250 views

Ghostscript Command Execution via Format String

This module exploits a format string vulnerability in Ghostscript versions before 10.03.1 to achieve a SAFER sandbox bypass and execute arbitrary commands. This vulnerability is reachable via libraries such as ImageMagick. This exploit only works against Ghostscript versions 10.03.0 and 10.01.2...

6.3 CVSS · 6.7 AI score · 0.27992 EPSS
Exploits 6
NVD
added 2024/06/27 12:15 a.m. · 19 views

CVE-2024-3959

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts to be accessed by any user...

6.5 CVSS · 0.00427 EPSS
Exploits 0 · References 2
UbuntuCve
added 2024/06/27 12:15 a.m. · 15 views

CVE-2024-3959

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts to be accessed by any user...

6.5 CVSS · 5.9 AI score · 0.00427 EPSS
Exploits 0 · References 3
OSV
added 2024/06/27 12:15 a.m. · 2 views

UBUNTU-CVE-2024-3959

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts to be accessed by any user...

6.5 CVSS · 5.8 AI score · 0.00427 EPSS
Exploits 0 · References 4
CVE
added 2024/06/26 11:31 p.m. · 73 views

CVE-2024-3959

CVE-2024-3959 affects GitLab CE/EE: all versions from 16.7 up to 16.11.5, 17.0 up to 17.0.3, and 17.1 up to 17.1.1. Issue: improper authorization that allows private job artifacts to be accessed by any user. Impact: exposure of private artifacts; no integrity/availability impact stated beyond acc...

6.5 CVSS · 6.3 AI score · 0.00427 EPSS
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2024/06/26 11:31 p.m. · 31 views

CVE-2024-3959 Improper Authorization in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts to be accessed by any user...

6.5 CVSS · 0.00427 EPSS
Exploits 0 · References 2
Vulnrichment
added 2024/06/26 11:31 p.m. · 17 views

CVE-2024-3959 Improper Authorization in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts to be accessed by any user...

6.5 CVSS · 6.5 AI score · 0.00427 EPSS
Exploits 0 · References 2
Debian CVE
added 2024/06/26 11:31 p.m. · 19 views

CVE-2024-3959

Removed by vendor...

6.5 CVSS · 5.8 AI score · 0.00427 EPSS
Exploits 0
OSV
added 2024/06/26 11:31 p.m. · 15 views

CVE-2024-3959 Improper Authorization in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts to be accessed by any user...

6.5 CVSS · 6.3 AI score · 0.00427 EPSS
Exploits 0 · References 5
CNNVD
added 2024/06/26 12:0 a.m. · 3 views

GitLab Authorization Issues Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. An authorization issue vulnerability exists in GitLab CE/EE, which stems from...

6.5 CVSS · 7 AI score · 0.00427 EPSS
Exploits 0 · References 3
RedHat Linux
added 2024/06/20 2:25 p.m. · 2 views

cosign: Malicious artifacts can cause machine-wide denial of service

A flaw was found in the Cosign package where maliciously crafted software artifacts can trigger uncontrolled resource consumption by allocating too much memory and starving out the system. A successful attack may result in a denial of service of the machine running Cosign, impacting availability...

7.5 CVSS · 5.7 AI score · 0.00851 EPSS
Exploits 1 · References 5