EUVD-2023-24027

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-31864

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming...

CVE-2023-1825

An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. It was possible to disclose issue notes to an unauthorized user at project export...

BIT-GITLAB-2023-1825 Insertion of Sensitive Information Into Sent Data in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. It was possible to disclose issue notes to an unauthorized user at project export...

BIT-REDMINE-2021-31864

Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...

CVE-2023-1825

An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. It was possible to disclose issue notes to an unauthorized user at project export...

CVE-2023-1825 Insertion of Sensitive Information Into Sent Data in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. It was possible to disclose issue notes to an unauthorized user at project export...

CVE-2023-1825

CVE-2023-1825 affects GitLab EE, with a vulnerability that allowed disclosure of issue notes to unauthorized users during project export in multiple release lines (15.7–15.10.7, 15.11.0–15.11.6, 16.0.0–16.0.1). The underlying issue is the exposure of issue notes when exporting a project, enabling...

Incorrect Authorization

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Incorrect Authorization via the filedownload.php process. An attacker can access private files by directly accessing the file download URLs associated with private issue notes, despite not havi...

OPENSUSE-SU-2021:1505-1 Security update for netcdf

This update for netcdf fixes the following issues: - Fixed multiple vulnerabilities in ezXML: CVE-2019-20007, CVE-2019-20006, CVE-2019-20201, CVE-2019-20202, CVE-2019-20199, CVE-2019-20200, CVE-2019-20198, CVE-2021-26221, CVE-2021-26222, CVE-2021-30485, CVE-2021-31229, CVE-2021-31347,...

DEBIAN-CVE-2021-31864

Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...

Redmine 安全特征问题漏洞

Redmine is a set of open source Web-based project management and defect tracking tools . The product provides project management , issue tracking and role-based access control and other features . A security feature issue vulnerability exists in Redmine versions prior to 4.0.9, 4.1.x series...

Redmine 安全漏洞

Redmine is a set of open source Web-based project management and defect tracking tools . The product provides project management , issue tracking and role-based access control and other features . A security vulnerability exists in Redmine before 4.0.8 and 4.1.x before 4.1.2 that allows an attack...