FreeBSD : Gitlab -- vulnerabilities (9d9940e7-071c-11f1-93ca-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 9d9940e7-071c-11f1-93ca-2cf05da270f3 advisory. Gitlab reports: Incomplete Validation issue in Web IDE impacts GitLab CE/EE Denial of Service...
[SECURITY] Fedora 43 Update: sad-0.4.32-4.fc43
Space Age seD - Batch File Edit tool. It will show you a really nice diff of proposed changes before you commit them...
CVE-2026-24685
OpenProject is an open-source, web-based project management software. Versions prior to 16.6.6 and 17.0.2 have an arbitrary file write vulnerability in OpenProject’s repository diff download endpoint /projects/:projectid/repository/diff.diff when rendering a single revision via git show. By...
EUVD-2026-4879
OpenProject is an open-source, web-based project management software. Versions prior to 16.6.6 and 17.0.2 have an arbitrary file write vulnerability in OpenProject’s repository diff download endpoint /projects/:projectid/repository/diff.diff when rendering a single revision via git show. By...
CVE-2026-24685 OpenProject has Argument Injection on Repository module that allows Arbitrary File Write
OpenProject is an open-source, web-based project management software. Versions prior to 16.6.6 and 17.0.2 have an arbitrary file write vulnerability in OpenProject’s repository diff download endpoint /projects/:projectid/repository/diff.diff when rendering a single revision via git show. By...
CVE-2026-24685
CVE-2026-24685 affects OpenProject prior to 16.6.6 and 17.0.2. The vulnerability arises in the repository diff download endpoint when rendering a single revision with git show; an attacker can inject git show options by supplying a crafted rev (e.g., rev=--output=/tmp/poc.txt), causing OpenProjec...
PT-2026-5149
Name of the Vulnerable Software and Affected Versions: OpenProject versions prior to 16.6.6; OpenProject versions prior to 17.0.2. Description: OpenProject is a web-based project management software. A file write issue exists in the repository diff download endpoint /projects/:project...
0g-serving-broker (=0.1.0), 10x-cli (=0.0.7) +3173 more potentially affected by CVE-2026-24001 via diff (>=6.0.0 <=8.0.2)
diff NPM version =6.0.0, =0.1.0, =1.0.0, =0.5.0, =0.1.1, =0.1.1, =0.1.1, =0.1.8, =0.1.5, =1.0.0, =0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939, =0.0.65, =0.1.0, =0.1.4 and more Source cves: CVE-2026-24001 Source advisory: OSV:GHSA-73RR-HH4G-FPGX...
01-numacert (>=1.0.0 <=3.0.0), 101 (>=0.3.0 <=0.7.1) +22909 more potentially affected by CVE-2026-24001 via diff (>=1.0.1 <=3.5.0)
diff NPM version =1.0.1, =1.0.0, =0.3.0, =0.0.15, =1.0.4, =5.4.4, =5.4.4, =2.2.1, =1.1.8, =1.0.0, =1.0.0, =2.0.0, =0.1.0, =0.0.97, =0.0.981 and more Source cves: CVE-2026-24001 Source advisory: OSV:GHSA-73RR-HH4G-FPGX...
@0k.io/prettier (>=0.0.2 <=0.0.3), @0k/prettier (>=0.2.0 <=0.2.1) +319 more potentially affected by CVE-2026-24001 via diff (>=4.0.1 <=4.0.2)
diff NPM version =4.0.1, =0.0.2, =0.2.0, =1.2.0, =0.3.2, =0.4.0-next.6, =7.0.0-alpha.0, =7.0.0-alpha.0, =7.0.0-alpha.0, =7.0.0-alpha.0, =7.0.0-alpha.0, =0.4.0, =1.5.0, =4.0.0, =1.0.0, =2.1.0 and more Source cves: CVE-2026-24001 Source advisory: OSV:GHSA-73RR-HH4G-FPGX...
02.aula (=1.0.0), 19json-validator (>=0.0.3 <=0.0.4) +3294 more potentially affected by CVE-2026-24001 via diff (>=5.0.0 <=5.2.0)
diff NPM version =5.0.0, =0.0.3, =0.0.1, =0.1.23, =0.1.4, =1.0.0, =1.0.7, =10.4.0, =9.0.0, =10.0.0, =10.0.0, =10.6.0 and more Source cves: CVE-2026-24001 Source advisory: OSV:GHSA-73RR-HH4G-FPGX...
01-numacert (>=1.0.0 <=3.0.0), 12g (>=0.0.15 <=1.0.1) +7559 more potentially affected by CVE-2026-24001 via diff (>=3.0.0 <=3.5.0)
diff NPM version =3.0.0, =1.0.0, =0.0.15, =1.0.4, =5.4.4, =5.4.4, =2.2.1, =1.1.8, =1.0.0, =2.0.0, =0.0.1, =0.1.1, =0.1.0, =1.0.0, =1.8.1 and more Source cves: CVE-2026-24001 Source advisory: SNYK:JS-DIFF-14917201...
Regular Expression Denial of Service (ReDoS)
Overview: diff is a JavaScript text differencing implementation. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the parsePatch and applyPatch functions if user input is passed without sanitisation. An attacker can cause the process to enter an...
02.aula (=1.0.0), 19json-validator (>=0.0.3 <=0.0.4) +3294 more potentially affected by CVE-2026-24001 via diff (>=5.0.0 <=5.2.0)
diff NPM version =5.0.0, =0.0.3, =0.0.1, =0.1.23, =0.1.4, =1.0.0, =1.0.7, =10.4.0, =9.0.0, =10.0.0, =10.0.0, =10.6.0 and more Source cves: CVE-2026-24001 Source advisory: SNYK:JS-DIFF-14917201...
0g-serving-broker (=0.1.0), 10x-cli (=0.0.7) +3173 more potentially affected by CVE-2026-24001 via diff (>=6.0.0 <=8.0.2)
diff NPM version =6.0.0, =0.1.0, =1.0.0, =0.5.0, =0.1.1, =0.1.1, =0.1.1, =0.1.8, =0.1.5, =1.0.0, =0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939, =0.0.65, =0.1.0, =0.1.4 and more Source cves: CVE-2026-24001 Source advisory: SNYK:JS-DIFF-14917201...
@0k.io/prettier (>=0.0.2 <=0.0.3), @0k/prettier (>=0.2.0 <=0.2.1) +319 more potentially affected by CVE-2026-24001 via diff (>=4.0.1 <=4.0.2)
diff NPM version =4.0.1, =0.0.2, =0.2.0, =1.2.0, =0.3.2, =0.4.0-next.6, =7.0.0-alpha.0, =7.0.0-alpha.0, =7.0.0-alpha.0, =7.0.0-alpha.0, =7.0.0-alpha.0, =0.4.0, =1.5.0, =4.0.0, =1.0.0, =2.1.0 and more Source cves: CVE-2026-24001 Source advisory: SNYK:JS-DIFF-14917201...