5 matches found
CVE-2024-9183 Time-of-check Time-of-use (TOCTOU) Race Condition in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 prior to 18.4.5, 18.5 prior to 18.5.3, and 18.6 prior to 18.6.1 that could have allowed an authenticated user to obtain credentials from higher-privileged users and perform actions in their context under specific...
PT-2022-15433 · Ibm · Ibm Infosphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows an authenticated user to view information of higher privileged users and groups due to a privilege escalation vulnerability. Recommendations: For IBM InfoSphere...
CVE-2018-0322
A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning PCP could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device. The vulnerability is due to a failure to enforce access restrictio...
CVE-2018-0322
A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning PCP could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device. The vulnerability is due to a failure to enforce access restrictio...
Cross site scripting
Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules. Remote attackers are able to inject malicious script code into the firstname, lastname, or order input fields to provoke persistent execution in the...