Lucene search
K

7 matches found

Veracode
Veracode
added 2026/03/20 4:50 a.m.4 views

Information Disclosure

code.gitea.io/gitea is vulnerable to information disclosure. The vulnerability is due to improper exposure of user metadata through sortable fields such as last login time, which allows an attacker to infer users' login activity by manipulating the explore/users sort order...

5.3CVSS7.2AI score0.00328EPSS
Exploits0References5Affected Software3
SUSE CVE
SUSE CVE
added 2026/01/06 12:23 a.m.5 views

SUSE CVE-2025-68943

Gitea before 1.21.8 inadvertently discloses users' login times by allowing for example the lastlogintime explore/users sort order...

5.3CVSS7AI score0.00328EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/12/26 6:30 a.m.10 views

Gitea inadvertently discloses users' login times by allowing (for example) the lastlogintime explore/users sort order

Gitea before 1.21.8 inadvertently discloses users' login times by allowing for example the lastlogintime explore/users sort order...

5.3CVSS7AI score0.00328EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2025/12/26 3:19 a.m.28 views

CVE-2025-68943

Gitea before 1.21.8 inadvertently discloses users' login times by allowing for example the lastlogintime explore/users sort order...

5.3CVSS0.00328EPSS
Exploits0References3
CVE
CVE
added 2025/12/26 3:19 a.m.26 views

CVE-2025-68943

Summary: Gitea before 1.21.8 exposes users’ login times by the lastlogintime sort on the Explore/Users page. Affected: Gitea (code.gitea.io/gitea) prior to 1.21.8, including related models/routers. Root cause: sorting logic allows inadvertent disclosure of login timestamps. Impact: disclosure of ...

5.3CVSS6.6AI score0.00328EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/03/11 6:15 p.m.5 views

UBUNTU-CVE-2021-32477

The last time a user accessed the mobile app is displayed on their profile page, but should be restricted to users with the relevant capability site administrators by default. Moodle versions 3.10 to 3.10.3 are affected...

4.3CVSS6.7AI score0.00726EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/08/18 12:0 a.m.19 views

openSUSE Security Update : fossil (openSUSE-2017-949)

This update for fossil to version 2.3 fixes the following issues : - Potential XSS vulnerability on the /help webpage boo1053267 This update also contains all upstream improvements and fixes in version 2.3 : - Update internal Unicode character tables, used in regular expression handling, from...

5.4AI score
Exploits0References1
Rows per page
Query Builder