500 matches found
Insecure Deserialization
DeepDiff is vulnerable to insecure deserialization.The vulnerability is due to class pollution via the Delta class constructor which, when combined with a gadget in DeltaDiff, allows an attacker to modify deepdiff.serialization.SAFETOIMPORT and trigger insecure Pickle deserialization through Delt...
Security Bulletin: Vulnerabilities in Bouncy Castle, Eclipse JGit and Node.js diff might affect IBM Storage Defender Copy Data Management
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Bouncy Castle, Eclipse JGit and Node.js diff. Vulnerabilities include vulnerable to padding oracle attack, allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistic...
SUSE-SU-2025:20721-1 Security update for git
This update for git fixes the following issues: - Update to 2.51.0 - UI, Workflows & Features - Userdiff patterns for the R language have been added. - Documentation for "git send-email" has been updated with a bit more credential helper and OAuth information. - "git cat-file --batch" learns to...
Security update for git
This update for git fixes the following issues: Update to 2.51.0 UI, Workflows & Features Userdiff patterns for the R language have been added. Documentation for "git send-email" has been updated with a bit more credential helper and OAuth information. "git cat-file --batch" learns to understand...
Linux Distros Unpatched Vulnerability : CVE-2021-31607
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion...
MAL-2025-46904 Malicious code in diff-analysis (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 53f5c59231a450ff5c362e5a1f69715ca48a0ee311ba81d90daa03baef384a1d The OpenSSF Package Analysis project identified 'diff-analysis' @ 0.1.0.r8ff4356 rubygems as malicious. It is considered malicious because: - Th...
Malicious code in diff-analysis (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 53f5c59231a450ff5c362e5a1f69715ca48a0ee311ba81d90daa03baef384a1d The OpenSSF Package Analysis project identified 'diff-analysis' @ 0.1.0.r8ff4356 rubygems as malicious. It is considered malicious because: - Th...
CVE-2025-8447
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed users with access to any repository to retrieve limited code content from another repository by creating a diff between the repositories. To exploit this vulnerability, an attacker needed to know the...
Linux Distros Unpatched Vulnerability : CVE-2024-8312
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. An attacker could inje...
Linux Distros Unpatched Vulnerability : CVE-2024-10043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4 all versions...
Linux Distros Unpatched Vulnerability : CVE-2024-8233
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 9.4 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. An attacker could cause ...
Linux Distros Unpatched Vulnerability : CVE-2024-6329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2...
Linux Distros Unpatched Vulnerability : CVE-2024-3092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. A payload...
CVE-2025-8447 Incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed read-only access
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed users with access to any repository to retrieve limited code content from another repository by creating a diff between the repositories. To exploit this vulnerability, an attacker needed to know the...
CVE-2025-8447
CVE-2025-8447 : GitHub Enterprise Server had an improper access-control issue enabling users with access to one repo to retrieve limited code from another repo by stacking a diff between repositories. An attacker needed the private-repo name and a branch/tag/commit SHA to trigger the compare/diff...
PT-2025-34727
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.18 GitHub Enterprise Server versions 3.14.17 GitHub Enterprise Server versions 3.15.12 GitHub Enterprise Server versions 3.16.8 GitHub Enterprise Server versions 3.17.5 Description: An improper...
Linux Distros Unpatched Vulnerability : CVE-2018-6951
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in...
Linux Distros Unpatched Vulnerability : CVE-2018-15472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. The diff formatter using rouge...
Linux Distros Unpatched Vulnerability : CVE-2021-39932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all version...
Linux Distros Unpatched Vulnerability : CVE-2023-0485
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 13.11 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions...