9840 matches found
UBUNTU-CVE-2026-2845
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an authenticated user to cause denial of service by exploiting a Bitbucket Server import endpoint via repeatedly sending large responses...
CVE-2026-2845 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an authenticated user to cause denial of service by exploiting a Bitbucket Server import endpoint via repeatedly sending large responses...
CVE-2026-2845 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an authenticated user to cause denial of service by exploiting a Bitbucket Server import endpoint via repeatedly sending large responses...
CVE-2026-2845
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an authenticated user to cause denial of service by exploiting a Bitbucket Server import endpoint via repeatedly sending large responses...
CVE-2026-2845 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an authenticated user to cause denial of service by exploiting a Bitbucket Server import endpoint via repeatedly sending large responses...
CVE-2026-2845
Summary of CVE-2026-2845 : GitLab CE/EE versions affected are 11.2–before 18.7.5, 18.8–before 18.8.5, and 18.9–before 18.9.1. The issue allows an authenticated user to cause a denial of service by exploiting the Bitbucket Server import endpoint through repeatedly sending large responses. The vuln...
CVE-2026-2845
Removed by vendor...
GitLab 安全漏洞
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.7.5, 18.8.5...
PT-2026-22006
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 11.2 through 18.7.4 GitLab CE/EE versions 18.8 through 18.8.4 GitLab CE/EE versions 18.9 through 18.9.0 Description An authenticated user could cause a denial of service by exploiting a Bitbucket Server import endpoint...
CVE-2026-2983
A vulnerability was determined in SourceCodester Student Result Management System 1.0. The impacted element is an unknown function of the file /admin/core/importusers.php of the component Bulk Import. This manipulation of the argument File causes improper access controls. Remote exploitation of t...
CVE-2026-2954
A vulnerability was found in Dromara UJCMS 10.0.2. Impacted is the function importChanel of the file /api/backend/ext/import-data/import-channel of the component ImportDataController. Performing a manipulation of the argument driverClassName/url results in injection. It is possible to initiate th...
CVE-2026-2983
A vulnerability was determined in SourceCodester Student Result Management System 1.0. The impacted element is an unknown function of the file /admin/core/importusers.php of the component Bulk Import. This manipulation of the argument File causes improper access controls. Remote exploitation of t...
CVE-2026-2983
A vulnerability was determined in SourceCodester Student Result Management System 1.0. The impacted element is an unknown function of the file /admin/core/importusers.php of the component Bulk Import. This manipulation of the argument File causes improper access controls. Remote exploitation of t...
CVE-2026-2983 SourceCodester Student Result Management System Bulk Import import_users.php access control
A vulnerability was determined in SourceCodester Student Result Management System 1.0. The impacted element is an unknown function of the file /admin/core/importusers.php of the component Bulk Import. This manipulation of the argument File causes improper access controls. Remote exploitation of t...
CVE-2026-2983 SourceCodester Student Result Management System Bulk Import import_users.php access control
A vulnerability was determined in SourceCodester Student Result Management System 1.0. The impacted element is an unknown function of the file /admin/core/importusers.php of the component Bulk Import. This manipulation of the argument File causes improper access controls. Remote exploitation of t...
CVE-2026-2983
A vulnerability was determined in SourceCodester Student Result Management System 1.0. The impacted element is an unknown function of the file /admin/core/importusers.php of the component Bulk Import. This manipulation of the argument File causes improper access controls. Remote exploitation of t...
CVE-2026-2983
CVE-2026-2983 affects SourceCodester Student Result Management System 1.0. The vulnerability is in the Bulk Import component, specifically the unknown function handling the File argument in /admin/core/import_users.php, where manipulating File leads to improper access controls. Remote exploitatio...
SourceCodester Student Result Management System 访问控制错误漏洞
SourceCodester Student Result Management System is an open-source student grade management system developed by SourceCodester. Version 1.0 of the SourceCodester Student Result Management System has a vulnerability related to access control. This vulnerability stems from improper handling of...
PT-2026-21510
Name of the Vulnerable Software and Affected Versions SourceCodester Student Result Management System version 1.0 Description A flaw exists in the Student Result Management System that allows for improper access controls. This is due to manipulation of the File argument within an unknown function...
CVE-2026-2954
A vulnerability was found in Dromara UJCMS 10.0.2. Impacted is the function importChanel of the file /api/backend/ext/import-data/import-channel of the component ImportDataController. Performing a manipulation of the argument driverClassName/url results in injection. It is possible to initiate th...