Lucene search
K

29 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-2947

Malware in sbrugna...

5CVSS6AI score0.02065EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-39884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of GitLab EE since version 8.13, an endpoint discloses names of private groups that have access to a project to low privileged users that are pa...

4.3CVSS5.2AI score0.0097EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:52 a.m.3 views

SUSE CVE-2011-2380

Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to determine the existence of private group names via a crafted parameter during 1 bug creation or 2 bug editing...

5CVSS6.5AI score0.01766EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:51 a.m.4 views

SUSE CVE-2011-2979

Bugzilla 4.1.x before 4.1.3 generates different responses for certain assignee queries depending on whether the group name is valid, which allows remote attackers to determine the existence of private group names via a custom search. NOTE: this vulnerability exists because of a CVE-2010-2756...

5CVSS6.5AI score0.02065EPSS
Exploits1References3
OSV
OSV
added 2021/10/05 1:15 p.m.3 views

UBUNTU-CVE-2021-39884

In all versions of GitLab EE since version 8.13, an endpoint discloses names of private groups that have access to a project to low privileged users that are part of that project...

4.3CVSS5.8AI score0.0097EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/10/05 12:0 a.m.11 views

PT-2021-22730 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 8.13 and later Description: The issue concerns an endpoint that discloses names of private groups with access to a project to low-privileged users who are part of that project. Recommendations: For GitLab EE versions 8.13 a...

4.3CVSS4.2AI score0.0097EPSS
Exploits0References12
CNVD
CNVD
added 2020/01/07 12:0 a.m.4 views

GitLab Incorrect Access Control Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise and...

5.3CVSS6.7AI score0.00929EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/11 12:0 a.m.3 views

GitLab CE/EE Incorrect Access Control Vulnerability (CNVD-2019-23573)

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects.GitLab EE is the GitLab Enterprise Edition and GitLab CE is the GitLab Community Edition. An incorre...

4.3CVSS6.7AI score0.00798EPSS
Exploits0References1
NVD
NVD
added 2019/07/10 3:15 p.m.15 views

CVE-2018-19494

An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access vulnerability that allows an unauthorized user to view private group names...

4.3CVSS4.2AI score0.00798EPSS
Exploits0References2
OSV
OSV
added 2019/07/10 3:15 p.m.25 views

CVE-2018-19494

An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access vulnerability that allows an unauthorized user to view private group names...

4.3CVSS6.3AI score
Exploits0References2
Prion
Prion
added 2019/07/10 3:15 p.m.22 views

Design/Logic Flaw

An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access vulnerability that allows an unauthorized user to view private group names...

4CVSS4.5AI score0.00798EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2019/07/10 3:15 p.m.22 views

CVE-2018-19494

An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access vulnerability that allows an unauthorized user to view private group names...

4.3CVSS6.3AI score0.00798EPSS
Exploits0References2
CVE
CVE
added 2019/07/10 2:46 p.m.58 views

CVE-2018-19494

GitLab CE/EE 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 contain an incorrect access control vulnerability that allows an unauthorized user to view private group names. This is a direct access issue in GitLab’s group-name visibility. A fix was released with GitLab security...

4.3CVSS5.3AI score0.00798EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/10 2:46 p.m.18 views

CVE-2018-19494

An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access vulnerability that allows an unauthorized user to view private group names...

5.5AI score0.00798EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2019/07/10 2:46 p.m.22 views

CVE-2018-19494

Removed by vendor...

4.3CVSS6.1AI score0.00798EPSS
Exploits0
Hacker One
Hacker One
added 2017/03/22 4:14 p.m.17 views

GitLab: [Subgroups] Unprivileged User Can Disclose Private Group Names

Hi @briann and team, Congratulations on the launch of GitLab 9.0! While exploring Subgroup functionality, I noticed that an unprivileged user can disclose private group names by incrementing the parentid parameter. Proof of Concept To reproduce this issue, I set up a fresh GitLab 9.0 CE server an...

0.4AI score
Exploits0
OpenVAS
OpenVAS
added 2012/11/26 12:0 a.m.39 views

FreeBSD Ports: bugzilla

The remote host is missing an update to the system as announced in the referenced advisory. VID 2b841f88-2e8d-11e2-ad21-20cf30e32f6d OpenVAS Vulnerability Test $ Description: Auto generated from VID 2b841f88-2e8d-11e2-ad21-20cf30e32f6d Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

5CVSS0.1AI score0.01543EPSS
Exploits5
NVD
NVD
added 2012/11/16 12:24 p.m.20 views

CVE-2012-4198

The User.get method in Bugzilla/WebService/User.pm in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 has a different outcome for a groups request depending on whether a group exists, which allows remote authenticated users to discover privat...

4CVSS6AI score0.00874EPSS
Exploits1References3
Prion
Prion
added 2012/11/16 12:24 p.m.24 views

Design/Logic Flaw

The User.get method in Bugzilla/WebService/User.pm in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 has a different outcome for a groups request depending on whether a group exists, which allows remote authenticated users to discover privat...

4CVSS6.3AI score0.00874EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2012/11/16 11:0 a.m.26 views

CVE-2012-4198

The User.get method in Bugzilla/WebService/User.pm in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 has a different outcome for a groups request depending on whether a group exists, which allows remote authenticated users to discover privat...

5.9AI score0.00874EPSS
Exploits1References3
Rows per page
Query Builder