2483 matches found
EUVD-2025-200289
Singularity ineffectively applies selinux / apparmor LSM process labels...
CVE-2025-64750 Singularity ineffectively applies selinux / apparmor LSM process labels
SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...
CVE-2025-64750
CVE-2025-64750 affects SingularityCE before 4.3.5 and SingularityPRO before 4.1.11 and 4.3.5. The issue arises when a user relies on LSM restrictions to prevent malicious operations; under certain conditions an attacker can redirect the LSM label write operation to be ineffective. Exploitation re...
CVE-2025-13611
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.5.5 and 18.6 before 18.6.3 that could have allowed an authenticated user with access to certain logs to obtain sensitive tokens under specific conditions...
CVE-2025-13611 Insertion of Sensitive Information into Log File in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user with access to certain logs to obtain sensitive tokens under specific conditions...
CVE-2025-12983 vulnerabilities
Vulnerabilities for packages: gitlab-workhorse-ce-fips, gitlab-runner, gitlab-workhorse-ce, gitlab-runner-fips, gitlab-rails-ce-fips, gitlab-rails-ce...
CVE-2025-2615 vulnerabilities
Vulnerabilities for packages: gitlab-workhorse-ce-fips, gitlab-runner, gitlab-workhorse-ce, gitlab-runner-fips, gitlab-rails-ce-fips, gitlab-rails-ce...
EUVD-2025-197693
An issue has been discovered in GitLab CE/EE affecting all versions from 17.6 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that, under specific conditions, could have allowed unauthorized users to view confidential branch names by accessing project issues with related merge requests...
PT-2025-47050
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 16.7 through 18.3.6 GitLab CE/EE versions 18.4 through 18.4.4 GitLab CE/EE versions 18.5 through 18.5.2 Description A flaw exists in GitLab CE/EE that could allow a blocked user to access sensitive information. This is...
Fedora: Security Advisory (FEDORA-2025-75b28e93c9)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2025-a6641a44f2)
The remote host is missing an update for the...
Fedora 42 : singularity-ce (2025-75b28e93c9)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-75b28e93c9 advisory. Upgrade to 4.3.4 upstream version. Build with Go 1.24.9 fixes multiple Go CVEs BZ2408093 BZ2408688 BZ2409563 BZ2410514 BZ2411412 Tenable has extract...
Fedora 43 : singularity-ce (2025-a6641a44f2)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a6641a44f2 advisory. Upgrade to 4.3.4 upstream version. Go 1.25.2 for build fixes multiple go CVEs. BZ2408346 BZ2408744 BZ2409819 BZ2410769 BZ2411665 Tenable has extract...
CVE-2025-12490
The CVE-2025-12490 entry describes a path traversal in Netgate pfSense CE Suricata that allows remote creation of arbitrary files with root privileges. The root cause is inadequate validation of a user-supplied path before file operations within the Suricata package, requiring authentication to e...
Netgate pfSense CE Path Traversal Vulnerability
Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate that supports enterprise-class network security and network management features. A path traversal vulnerability exists in Netgate pfSense CE, which stems from insufficient validation of user-supplied path...
CVE-2025-5517
Heap-based Buffer Overflow vulnerability in ABB Terra AC wallbox UL40/80A, ABB Terra AC wallbox UL32A, ABB Terra AC wallbox MID/CE - Terra AC MID, ABB Terra AC wallbox MID/CE - Terra AC Juno CE, ABB Terra AC wallbox MID/CE - Terra AC PTB, ABB Terra AC wallbox JP. This issue affects Terra AC wallbo...
CVE-2025-2934 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to create a denial of service condition by configuring malicious webhook endpoints that send crafted HTT...
EUVD-2021-26263
Malware in sbrugna...