Lucene search
K

52 matches found

Positive Technologies
Positive Technologies
added 2023/04/05 12:0 a.m.2 views

PT-2023-17188 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 15.0 through 15.8.4 GitLab versions 15.9 through 15.9.3 GitLab versions 15.10 through 15.10.0 Description: A sensitive information disclosure issue in GitLab allows an attacker to view the count of internal notes for a given...

5.3CVSS4.7AI score0.00786EPSS
Exploits0References10
OSV
OSV
added 2023/04/05 12:0 a.m.18 views

CVE-2023-1710

A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue...

5.3CVSS8.8AI score0.00786EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/04/04 12:0 a.m.67 views

GitLab 15.0 < 15.8.5 / 15.9 < 15.9.4 / 15.10 < 15.10.1 (CVE-2023-1710)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of...

5.3CVSS5.7AI score0.00786EPSS
Exploits0References4
NVD
NVD
added 2022/11/10 12:15 a.m.19 views

CVE-2022-3819

An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...

4.3CVSS0.00426EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/11/10 12:15 a.m.28 views

CVE-2022-3819

An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...

4.3CVSS5.9AI score0.00426EPSS
Exploits0References1
OSV
OSV
added 2022/11/10 12:15 a.m.3 views

UBUNTU-CVE-2022-3819

An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...

4.3CVSS5.8AI score0.00426EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/09 12:0 a.m.2 views

PT-2022-24267 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.0 through 15.3.4 GitLab CE/EE versions 15.4 through 15.4.3 GitLab CE/EE versions 15.5 through 15.5.1 Description: An improper authorization issue in GitLab CE/EE allows malicious users to set emojis on internal notes...

4.3CVSS4.2AI score0.00426EPSS
Exploits0References11
Cvelist
Cvelist
added 2022/11/09 12:0 a.m.33 views

CVE-2022-3819

An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...

3.5CVSS4.9AI score0.00426EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/09 12:0 a.m.9 views

CVE-2022-3819

An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...

3.5CVSS6.7AI score0.00426EPSS
Exploits0References2
OSV
OSV
added 2022/11/09 12:0 a.m.19 views

CVE-2022-3819

An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious users to set emojis on internal notes they don't have access to...

3.5CVSS4.2AI score0.00426EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2022/11/09 12:0 a.m.35 views

CVE-2022-3819

Removed by vendor...

4.3CVSS5.8AI score0.00426EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/06/29 12:0 a.m.7 views

The vulnerability of the osTicket customer support system, related to the lack of mechanisms to neutralize elements in the CSV file, allows a violator to execute arbitrary code.

The vulnerability of the osTicket customer support system lies in the lack of a mechanism to eliminate certain elements in the CSV file specifically, the fields “Name” and “Internal Notes” in the “Users” tab. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8AI score0.09612EPSS
Exploits4References5Affected Software1
Rows per page
Query Builder