20 matches found
EUVD-2019-3215
Malware in sbrugna...
EUVD-2025-6113
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-22263
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 13.0 before 14.0.9, all versions starting from 14.1 before 14.1.4, all versions...
CVE-2023-3914
A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projects...
CVE-2023-3915
An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. If an external user is given an owner role on any group, that external user may escalate their privilege...
CVE-2024-12619 Insufficient Granularity of Access Control in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1, allowing internal users to gain unauthorized access to internal projects...
CVE-2025-1540
GitLab CVE-2025-1540 affects GitLab CE/EE Self-Managed and Dedicated instances across all versions from 17.5 up to (but not including) 17.6.5, 17.7 up to 17.7.4, and 17.8 up to 17.8.2. The issue allows a user who is added as an External to read and clone internal projects under certain circumstan...
CVE-2025-1540
Removed by vendor...
CVE-2025-1540 Incorrect Authorization in GitLab
An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting all versions from 17.5 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2. It was possible for a user added as an External to read and clone internal projects under certain circumstances...
CVE-2023-40291
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name...
CVE-2023-40291
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name...
CVE-2023-40291
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name...
Default credentials
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name...
CVE-2023-40291
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name...
CVE-2022-27241
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.11), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). Applications built with a...
GitLab Permissions, Privileges, and Access Control Vulnerability
GitLab is a self-hosted Git version control and project repository application, built with Ruby on Rails, from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. GitLab suffers from a permissions, privileges, and access...
Information disclosure
An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It allows Information Disclosure. Non-member users who subscribe to notifications of an internal project with issue and repository...
CVE-2019-11544
Removed by vendor...
GitLab: Confidential issues leaked in public projects when attached to milestone
Vulnerability details: When a confidential issue in a public or internal project is attached to a milestone, it is exposed through the GitLab API. Proof of concept: As a victim, create a new public or internal project. Let's state that the project has ID 1. Create a milestone for this project. After...
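Open registration on a Yonyou system leads to disclosure of internal project information
Brief description: Open registration on a Yonyou system leads to disclosure of internal project information. Details: http://www.yonyougov.com:8080 surprisingly has a registration function. I registered a user with username aaaaa and password admin. After logging in, it is full of bugs and other issues from Yonyou development projects, and it is also possible to submit issues and upload files. Proof of vulnerability:...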