UBUNTU-CVE-2026-5296

GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that when foundational flows were enabled at the group level, could have allowed an authenticated user with developer-role permissions to bypass flow...

CVE-2026-5296

GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that when foundational flows were enabled at the group level, could have allowed an authenticated user with developer-role permissions to bypass flow...

EUVD-2026-32619

GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that when foundational flows were enabled at the group level, could have allowed an authenticated user with developer-role permissions to bypass flow...

EUVD-2025-20987

Malicious code in bioql PyPI...

CVE-2025-4972

Removed by vendor...

GitLab 13.3 < 17.11.6 / 18.0 < 18.0.4 / 18.1 < 18.1.2 (CVE-2025-3396)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated project owners to bypass...

GitLab 18.0 < 18.0.4 / 18.1 < 18.1.2 (CVE-2025-4972)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that could have allowed authenticated users with invitation privileges to bypass...

CVE-2024-3127

An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 17.1.6, all versions starting from 17.2 before 17.2.4, all versions starting from 17.3 before 17.3.1. Under certain conditions it may be possible to bypass the IP restriction for groups through GraphQL...

CVE-2024-3127

Technical details of CVE-2024-3127 are not publicly provided in the submitted documents; no affected products, versions, or remediation details are included here. Monitor for updates.

GitLab 12.5 < 17.1.6 / 17.2 < 17.2.4 / 17.3 < 17.3.1 (CVE-2024-3127)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 17.1.6, all versions starting from 17.2 before 17.2.4, all versions starting from 17.3 before 17.3.1. Under...

Information Disclosure

Moodle is vulnerable to information disclosures. The application sets certain group IDs to 0 upon a database-entry change, allowing a malicious user to view group-level entries after being edited by a user with a teacher role...

Tencent QQ group system has design logic loopholes

Tencent QQ is an Internet-based instant messaging IM software. There is a design logic vulnerability in the Tencent QQ group system that allows an attacker to modify form information to lower the QQ group level...