42 matches found
EUVD-2016-6994
Malware in sbrugna...
EUVD-2021-26259
Malware in sbrugna...
EUVD-2020-6331
Malware in sbrugna...
EUVD-2019-16349
Malware in sbrugna...
Lovable VDP: Users can change project visibility which requires high subscription by just changing request body
A Broken Access Control vulnerability was discovered that allowed users to change project visibility to higher subscription tiers by modifying the request body. The visibility was changed from the default setting to Personal or Workspace, bypassing subscription checks and enabling unauthorized...
EUVD-2023-44080
Malicious code in bioql PyPI...
EUVD-2023-39922
Malicious code in bioql PyPI...
EUVD-2021-9391
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-3413
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions...
Linux Distros Unpatched Vulnerability : CVE-2021-39903
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can change the visibility level of a group or a project to a...
CVE-2024-49373
No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not a part of. Version 1.2.1 fixes the problem...
CVE-2022-2456
An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for malicious group or project maintainers to change their corresponding group or project visibility ...
CVE-2021-39903
In all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can change the visibility level of a group or a project to a restricted option even after the instance administrator sets that visibility option as restricted in settings...
CVE-2024-56350
In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects...
CVE-2024-56350
JetBrains TeamCity is affected by CVE-2024-56350. Multiple connected sources confirm that versions prior to 2024.12 suffer from improper access control that allows unauthorized viewing of projects via build credentials. The root cause is insufficient authorization around build credentials, enabli...
Jupyter Scheduler Security Vulnerability
Jupyter Scheduler is a JupyterLab extension for running notebook jobs from the Jupyter organization. A security vulnerability exists in Jupyter Scheduler that stems from the fact that a user's list of conda environments may be publicly available, potentially revealing information about the projects...
Design/Logic Flaw
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a project visibility that allows restricted users to Private without restricted, restricted users that are project administrators keep this access right. Restricted users tha...
CVE-2023-35938 User access not updated with privilege change in Tuleap
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a project visibility that allows restricted users to Private without restricted, restricted users that are project administrators keep this access right. Restricted users tha...
Tuleap Security Vulnerability
Tuleap is an open source application lifecycle management system that facilitates agile software development, design projects, V-modeling, requirements management and IT service management. A security vulnerability exists in Tuleap version 14.9.99.63 that stems from allowing project visibility fo...