18 matches found
CVE-2022-0371
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1. GitLab search may allow authenticated users to search other users by their respective private emails...
CVE-2025-61679
Anyquery is an SQL query engine built on top of SQLite. Versions 0.4.3 and below allow attackers who have already gained access to localhost, even with low privileges, to use the http server through the port unauthenticated, and access private integration data like emails, without any warning of ...
Linux Distros Unpatched Vulnerability : CVE-2022-0371
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all version...
Linux Distros Unpatched Vulnerability : CVE-2021-22258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The project import/export feature in GitLab 8.9 and greater could be used to obtain otherwise private email addresses (CVE-2021-22258). Note that Nessus relies on...
BIT-GITLAB-2022-0371
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1. GitLab search may allow authenticated users to search other users by their respective private emails...
Information Disclosure
gitlab is vulnerable to Information Disclosure. The vulnerability exists because the library's search option allows authenticated users to search other users by their respective private emails, even if a user sets their email to private...
CVE-2022-0371
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1. GitLab search may allow authenticated users to search other users by their respective private emails...
UBUNTU-CVE-2022-0371
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1. GitLab search may allow authenticated users to search other users by their respective private emails...
CVE-2022-0371
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1. GitLab search may allow authenticated users to search other users by their respective private emails...
CVE-2022-0371
Removed by vendor...
PT-2022-13132 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.4 through 14.5.3; GitLab CE/EE versions 14.6 through 14.6.3; GitLab CE/EE versions 14.7 through 14.7.0. Description: An issue has been discovered in GitLab CE/EE where the search function may allow authenticated users to...
GitLab Information Disclosure Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An information disclosure vulnerability exists in GitLab...
GitLab: Able to leak private email of any user given his/her username via graphql
Summary: GraphQL query user is leaking private email of users query userusername:"" email username Steps to reproduce: Step-by-step guide to reproduce the issue, including: Have an account with private email settings Use GraphQL query to access the private email query userusername:"" email username...
cPanel Input Validation Error Vulnerability (CNVD-2019-36132)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An input validation error vulnerability exists in cPanel. An attacker can exploit the vulnerability to obtain private emails...
CVE-2017-18393
cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail SEC-326...
Hackers bypassed Gmail & Yahoo’s 2FA to target US officials
By Waqas. The attack was carried out by Iran-backed Charming Kitten hackers and victims include dozens of US government officials. Private emails of US sanctions officials and nuclear scientists have been breached by Iranian state-sponsored hackers. As per the data obtained by Certfa, a...
PT-2018-9528 · Gitea · Gitea
Name of the Vulnerable Software and Affected Versions: Gitea versions prior to 1.5.1. Description: The issue results in the exposure of users' private email addresses. This can be exploited by watching a repository to receive email notifications, which contain the other recipients even if they hav...
mailman: Local users able to read private mailing list archives
It was found that mailman stored private email messages in a world-readable directory. A local user could use this flaw to read private mailing list archives...