21 matches found
EUVD-2019-5525
Malware in sbrugna...
EUVD-2024-27818
Malicious code in bioql PyPI...
CVE-2024-2818
An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. It was possible for an attacker to cause a denial of service using malicious crafted description parameter for labels...
BIT-GITLAB-2024-2874 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions before 16.10.6, version 16.11 before 16.11.3, and 17.0 before 17.0.1. A runner registered with a crafted description has the potential to disrupt the loading of targeted GitLab web resources...
BIT-GITLAB-2024-2818 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. It was possible for an attacker to cause a denial of service using malicious crafted description parameter for labels...
CVE-2024-2818
CVE-2024-2818 concerns GitLab CE/EE. Affected are all versions before 16.8.5, all 16.9.x before 16.9.3, and all 16.10.x before 16.10.1. An attacker could cause a denial of service by sending a malicious crafted description parameter for labels. The issue’s remediation is to upgrade to the fixed r...
CVE-2024-2818 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. It was possible for an attacker to cause a denial of service using malicious crafted description parameter for labels...
CVE-2024-2818
Removed by vendor...
DouCo DouPHP 跨站脚本漏洞
DouCo DouPHP is a lightweight enterprise content management system CMS from China's DouCo Network Technology. A security vulnerability exists in DouCo DouPHP v1.7 20221118, which originates from cross-site scripting in the /admin/articlecategory.php component and allows attackers to execute...
CVE-2019-14298
Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Descriptionconfig field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx...
Cross site scripting
MapOS 3.1.11 and earlier has a Stored Cross-site Scripting XSS vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitrary web script or HTML via a crafted description parameter...
CVE-2017-16919
MapOS 3.1.11 and earlier has a Stored Cross-site Scripting XSS vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitrary web script or HTML via a crafted description parameter...
CVE-2017-16919
MapOS 3.1.11 and earlier has a Stored Cross-site Scripting XSS vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitrary web script or HTML via a crafted description parameter...
CVE-2017-16919
MapOS 3.1.11 and earlier has a Stored Cross-site Scripting XSS vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitrary web script or HTML via a crafted description parameter...
Design/Logic Flaw
The platform-sw component on Cisco Adaptive Security Appliances ASA 5500 series devices with software 8.2 before 8.25.3, 8.3 before 8.32.20, and 8.4 before 8.42.1 does not properly handle non-ASCII characters in an interface description, which allows local users to cause a denial of service reloa...
DEBIAN-CVE-2009-3637
Stack-based buffer overflow in the MAddToServerList function in client/menu.c in Red Planet Arena Alien Arena 7.30 allows remote attackers to execute arbitrary code via a packet with a crafted server description to UDP port 27901 followed by a packet with a long print command...
Integer overflow
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow...
CVE-2009-0186
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow...
CVE-2009-0186
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow...
CVE-2009-0186
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow...