Lucene search
K

12 matches found

Cvelist
Cvelist
added 2025/08/27 7:33 p.m.11 views

CVE-2025-5101 Improper Control of Generation of Code ('Code Injection') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that under certain conditions could have allowed an authenticated attacker to distribute malicious code that appears harmless in the web interface by taking advantage of...

5CVSS0.0012EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/08/27 7:33 p.m.5 views

CVE-2025-5101

Removed by vendor...

5CVSS5.8AI score0.0012EPSS
Exploits0
Amazon
Amazon
added 2023/09/25 12:0 a.m.9 views

Important: golang

Issue Overview: An out of bounds read vulnerability was found in debug/macho of the Go standard library. When using the debug/macho standard library stdlib and malformed binaries are parsed using Open or OpenFat, it can cause golang to attempt to read outside of a slice array causing a panic when...

9.1CVSS7.4AI score0.05623EPSS
Exploits5
Veracode
Veracode
added 2023/08/06 5:37 a.m.21 views

Authorization Bypass

gitlab is vulnerable to Authorization Bypasses. A branch/tag name confusion allows an attacker to manipulate pages where the content of the default branch would be expected...

4.3CVSS6.8AI score0.00642EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.3 views

SUSE CVE-2022-23773

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags...

5CVSS8.6AI score0.02698EPSS
Exploits0References11
Prion
Prion
added 2022/10/17 4:15 p.m.32 views

Design/Logic Flaw

A branch/tag name confusion in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to manipulate pages where the content of the default branch would be expected...

4CVSS4.5AI score0.00642EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/10/17 12:0 a.m.26 views

CVE-2022-3288

A branch/tag name confusion in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to manipulate pages where the content of the default branch would be expected...

3.5CVSS4.2AI score0.00642EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2022/10/17 12:0 a.m.45 views

CVE-2022-3288

Removed by vendor...

4.3CVSS5.8AI score0.00642EPSS
Exploits0
CVE
CVE
added 2022/10/17 12:0 a.m.105 views

CVE-2022-3288

GitLab CVE-2022-3288 affects GitLab CE/EE; a branch/tag name confusion allows manipulation of pages where the default-branch content is expected. Affected versions: <15.2.5, <15.3.4, and

4.3CVSS4.5AI score0.00642EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/10/14 12:0 a.m.50 views

GitLab < 15.2.5 (CVE-2022-3288)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A branch/tag name confusion in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to manipulate pages where the content of the defau...

4.3CVSS5.2AI score0.00642EPSS
Exploits0References4
OSV
OSV
added 2022/02/11 1:15 a.m.2 views

DEBIAN-CVE-2022-23773

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags...

7.5CVSS8.1AI score0.02698EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2005/07/10 12:0 a.m.5 views

PT-2005-3111 · Grandstream · Grandstream Budgetone (Bt) 100

Name of the Vulnerable Software and Affected Versions: Grandstream BudgeTone BT 100 affected versions not specified Description: The issue concerns the Grandstream BudgeTone BT 100 Voice over IP VoIP phones, which do not properly validate certain values in a NOTIFY message. This allows remote...

7.5CVSS6.4AI score0.01189EPSS
Exploits0References6
Rows per page
Query Builder