CVE-2022-3279

Removed by vendor...

CVE-2022-3330

Removed by vendor...

CVE-2022-2527

An issue in Incident Timelines has been discovered in GitLab CE/EE affecting all versions starting from 14.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2.which allowed an authenticated attacker to inject arbitrary content. A victim...

CVE-2022-3288

GitLab CVE-2022-3288 affects GitLab CE/EE; a branch/tag name confusion allows manipulation of pages where the default-branch content is expected. Affected versions: <15.2.5, <15.3.4, and

CVE-2022-2884

A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint...

CVE-2022-2455

A business logic issue in the handling of large repositories in all versions of GitLab CE/EE from 10.0 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2 allowed an authenticated and authorized user to exhaust server resources by importing ...

CVE-2022-3330

It was possible for a guest user to read a todo targeting an inaccessible note in Gitlab CE/EE affecting all versions from 15.0 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...

CVE-2022-2931

A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. Malformed content added to the issue description could have been used to trigger high CPU usage...

CVE-2022-3288

A branch/tag name confusion in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to manipulate pages where the content of the default branch would be expected...

CVE-2022-3325

Improper access control in the GitLab CE/EE API affecting all versions starting from 12.8 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. Allowed for editing the approval rules via the API by an unauthorised user...

CVE-2022-3031

An issue has been discovered in GitLab CE/EE affecting all versions before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. It may be possible for an attacker to guess a user's password by brute force by sending crafted requests to a specific...

CVE-2022-3279

An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to prevent access to job logs...

GitLab 15.0 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3330)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - It was possible for a guest user to read a todo targeting an inaccessible note in Gitlab CE/EE affecting all versions from 15.0 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...

Cisco Touch 10 Authentication Error Vulnerability

Cisco Touch 10 is a video conferencing system control unit from Cisco. It is designed for intuitive touch-based interaction with Webex Room Kit Series, Webex Rome Series, and Panorama Series systems, providing instant access to meetings, contacts, directories, and content. An authentication error...

Cisco Touch 10 安全漏洞

Cisco Touch 10 is a video conferencing system control unit from Cisco. It is designed for intuitive touch-based interaction with Webex Room Kit Series, Webex Rome Series, and Panorama Series systems, providing instant access to meetings, contacts, directories, and content. An authentication error...

The vulnerability of the microprogrammed wireless network adapter software of Lenovo’s Quectel EM05-CE laptops, related to the lack of measures to neutralize special elements, allows a perpetrator to execute arbitrary commands.

The vulnerability of the microprogrammed wireless network adapter Quectel EM05-CE for Lenovo laptops is related to the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability allows an attacker to execute arbitrary commands by sending...

PT-2022-4873 · Quectel · Quectel Em05-Ce

Name of the Vulnerable Software and Affected Versions: Quectel EM05-CE wireless network adapter versions affected versions not specified Description: The issue is related to the microprogram software of Quectel EM05-CE wireless network adapters in Lenovo laptops, which fails to neutralize special...

PT-2022-4614 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: Gitlab CE/EE versions 10.7 through 15.1.5 Gitlab CE/EE versions 15.2 through 15.2.3 Gitlab CE/EE versions 15.3 through 15.3.1 Description: A potential DoS issue was discovered, allowing an attacker to trigger high CPU usage via a specially...

PT-2022-4617 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 15.1.6 GitLab CE/EE version 15.2 prior to 15.2.4 GitLab CE/EE version 15.3 prior to 15.3.2 Description: The issue is related to insufficient input validation in GitLab, allowing a remote attacker to cause a deni...

PT-2022-4351

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 11.3.4 through 15.1.5 GitLab CE/EE versions 15.2 through 15.2.3 GitLab CE/EE versions 15.3 through 15.3.1 Description A vulnerability in GitLab CE/EE allows an authenticated user to achieve remote code execution via the...