33 matches found
CVE-2025-40902 HTML injection in Users in Guardian/CMC before 26.1.0
A Stored HTML Injection vulnerability was discovered in the Users functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can create a malicious user whose username contains HTML tags. When a victim attempts to delete a group containing...
CVE-2025-40902
A Stored HTML Injection vulnerability was discovered in the Users functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can create a malicious user whose username contains HTML tags. When a victim attempts to delete a group containing...
EUVD-2025-209893
A Stored HTML Injection vulnerability was discovered in the Users functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can create a malicious user whose username contains HTML tags. When a victim attempts to delete a group containing...
PT-2026-41889
A Stored HTML Injection vulnerability was discovered in the Users functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can create a malicious user whose username contains HTML tags. When a victim attempts to delete a group containing...
EUVD-2018-10993
Malware in sbrugna...
EUVD-2004-0713
Malware in sbrugna...
EUVD-2021-9410
Malicious code in bioql PyPI...
EUVD-2025-22514
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-2307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions...
CVE-2025-9444 1000projects Online Project Report Submission and Evaluation System delete_group_student.php SQL injection
A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown processing of the file /admin/controller/delete_group_student.php. The manipulation of the argument batchid leads to SQL injection. The attack can be initiated...
CVE-2025-45731
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...
CVE-2025-45731
CVE-2025-45731 relates to a group deletion race condition in the 2FAuth v5.5.0 application. The issue arises when a group is deleted while other operations are pending, leading to data inconsistencies and orphaned accounts. The connected documents confirm the affected product and the underlying c...
BIT-GITLAB-2020-11649
An issue was discovered in GitLab CE and EE 8.15 through 12.9.2. Members of a group could still have access after the group is deleted...
PT-2022-15828 · GitLab · GitLab CE/EE
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.0 through 15.0.5; GitLab CE/EE versions 15.1 through 15.1.4; GitLab CE/EE versions 15.2 through 15.2.1. Description: The issue is related to a lack of cascading deletes, allowing a malicious Group Owner to retain a usabl...
GitLab -- multiple vulnerabilities
GitLab reports: Revoke access to confidential notes todos; Pipeline subscriptions trigger new pipelines with the wrong author; Ability to gain access to private project through an email invite by using other user's email address as an unverified secondary email; Import via git protocol allows to...
Design/Logic Flaw
An issue has been discovered in GitLab affecting all versions starting from 13.8 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. Under specialized conditions, an invited group member may continue to have access to a project even after t...
UBUNTU-CVE-2021-22264
An issue has been discovered in GitLab affecting all versions starting from 13.8 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions starting from 14.2 before 14.2.2. Under specialized conditions, an invited group member may continue to have access to a project even after t...