7 matches found
EUVD-2023-29229
Malicious code in bioql PyPI...
CVE-2023-25267
An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 (fixed in 10.0.0). There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI...
Discourse Code Issue Vulnerability
Discourse is an open source community discussion platform. The platform includes community, email and chat room features. A code issue vulnerability exists in versions prior to Discourse 2.8.14 that stems from when a user requests a password reset linked email and then changes their primary email...
CVE-2022-3351
An issue has been discovered in GitLab EE affecting all versions starting from 13.7 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. A user's primary email may be disclosed to an attacker through group member events webhooks...
PT-2022-21785 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 13.7 through 15.2.4; GitLab EE versions 15.3 through 15.3.3; GitLab EE versions 15.4 through 15.4.0. Description: An issue has been discovered in GitLab EE where a user's primary email may be disclosed to an attacker through...
GitLab Information Disclosure Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD (continuous integration and continuous delivery) and other features. A security vulnerability exists in GitLab EE version 13.7 up to and including...
Insecure Direct Object Reference
github.com/gogs/gogs is vulnerable to insecure direct object reference. A remote attacker is able to configure and set the primary email address of other users on their behalf...