3 matches found
CVE-2025-10871 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions from 16.6 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1. Project Maintainers can exploit a vulnerability where they can assign custom roles to users with permissions exceeding their own, effectively granting themselves...
CVE-2025-46265
On F5OS, an improper authorization vulnerability exists where remotely authenticated users (LDAP, RADIUS, TACACS+) may be authorized with higher privilege F5OS roles. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
K000139503: F5OS vulnerability CVE-2025-46265
Security Advisory Description: On F5OS, an improper authorization vulnerability exists where remotely authenticated users (LDAP, RADIUS, TACACS+) may be authorized with higher privilege F5OS roles. (CVE-2025-46265) Impact: This vulnerability may allow a remote, authenticated attacker to be unexpectedly...