11 matches found
BIT-GITLAB-2026-1752 Incorrect Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-role permissions to modify protected environment settings due to improper authorization checks in t...
EUVD-2026-20795
GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-role permissions to modify protected environment settings due to improper authorization checks in t...
Siemens Energy Services
SUMMARY Energy Services from Siemens previously known as Managed Applications and Services, sell solutions using Elspec G5 devices that allows a person with physical access to the device to reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB...
EUVD-2019-6550
Malware in sbrugna...
CVE-2019-15582
An IDOR was discovered in 12.3.2, 12.2.6, and 12.1.12 for GitLab Community Edition CE and Enterprise Edition EE that allowed a maintainer to add any private group to a protected environment...
CVE-2023-49955
An issue was discovered in Dalmann OCPP.Core before 1.2.0 for OCPP Open Charge Point Protocol for electric vehicles. It does not validate the length of the chargePointVendor field in a BootNotification message, potentially leading to server instability and a denial of service when processing...
GitLab Security Breach
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab that stems from allowing users to...
Siemens SCALANCE XCM332 Use After Free (CVE-2022-40674)
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid501086;...
Code injection
An IDOR was discovered in 12.3.2, 12.2.6, and 12.1.12 for GitLab Community Edition CE and Enterprise Edition EE that allowed a maintainer to add any private group to a protected environment...
CVE-2019-15582
An IDOR was discovered in 12.3.2, 12.2.6, and 12.1.12 for GitLab Community Edition CE and Enterprise Edition EE that allowed a maintainer to add any private group to a protected environment...
CVE-2019-15582
Removed by vendor...