PT-2026-44222

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.9 through 18.10.6 GitLab CE/EE versions 18.11 through 18.11.3 GitLab CE/EE versions 19.0 through 19.0.0 Description An authorization enforcement error allows a blocked Project Access Token to maintain access to private...

QNAP Qsync Central 安全漏洞

QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained security vulnerabilities. These vulnerabilities stemmed from unlimited resource allocation or throttling, which could le...

QNAP Systems QTS和QNAP Systems QuTS hero 安全漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both software with data storage and management capabilities from QNAP Systems, a Taiwan, China-based company. A security vulnerability exists in QNAP Systems QTS and QNAP Systems QuTS hero that stems from an unrestricted resource allocation, which...

QNAP Systems File Station 5 安全漏洞

QNAP File Station 5 is a core file management application developed by Qualcomm Technologies QNAP for its networked storage NAS devices. QNAP File Station 5 suffers from an Unlimited Resource Allocation or Throttling vulnerability that can be exploited by an attacker to cause resource access to b...

CVE-2025-44012

CVE-2025-44012 affects QNAP Qsync Central. The root cause is an allocation of resources without limits or throttling, allowing a remote attacker with a valid user account to exhaust resources and block access for other systems, applications, or processes. Affected are Qsync Central versions prior...

CVE-2025-44007 Qsync Central

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We hav...