PT-2026-25987

Summary A vulnerability exists in the Community Tier of Harden-Runner that allows bypassing the egress-policy: block network restriction using DNS queries over TCP. Harden-Runner enforces egress policies on GitHub runners by filtering outbound connections at the network layer. When egress-policy:...

CVE-2025-58742 Insufficient Configuration Protections Enable Database Credential Interception in Milner ImageDirector Capture

Insufficiently Protected Credentials, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Connection Settings dialog in Milner ImageDirector Capture on Windows allows Adversary in the Middle AiTM by modifying the 'Server' field to redirect client...

EUVD-2025-24278

Malicious code in bioql PyPI...

PT-2024-4183 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.2.4 through 16.10.5 GitLab CE/EE versions 16.11 through 16.11.2 GitLab CE/EE versions 17.0 through 17.0.0 Description: A denial of service DoS condition was discovered in GitLab CE/EE. This issue is related to...

PT-2024-22142

Name of the Vulnerable Software and Affected Versions RSSHub versions prior to 1.0.0-master.a429472 Description The issue allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network or conduct Denial-of-Servi...

PT-2020-6641 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.11.6 GitLab versions prior to 13.12.6 GitLab versions prior to 14.0.2 Description: The issue is related to a reflected cross-site script vulnerability. It allows a remote attacker to compromise data integrity by...