11 matches found
Apollo Portal: There is a risk of unauthorized access to the Apollo configuration center
Summary Apollo Portal versions before 2.5.0 do not verify application and namespace permissions when an authenticated user requests a release by ID through GET /envs/env/releases/releaseId. When configView.memberOnly.envs is enabled for the requested environment, a low-privileged Portal user can...
PT-2026-60060
Summary Apollo Portal versions before 2.5.0 do not verify application and namespace permissions when an authenticated user requests a release by ID through GET /envs/env/releases/releaseId. When configView.memberOnly.envs is enabled for the requested environment, a low-privileged Portal user can...
CVE-2026-27660
Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...
EUVD-2026-41633
Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...
CVE-2026-27660
Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...
PT-2026-55601
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description Draft release data or attachments can be accessed by users who do not possess the necessary write permissions. Recommendations Update to version 1.25.5 or later...
CVE-2025-64497
Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not...
PT-2025-49605
Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not...
DEBIAN-CVE-2022-49093
In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for pagepool fragment recycling Fix a use-after-free when using pagepool with page fragments. We encountered this problem during normal RX in the hns3 driver: 1 Initially we have three descriptors in the RX...
PT-2015-2830 · Adobe +3 · Integrated Runtime +4
Name of the Vulnerable Software and Affected Versions: Adobe Integrated Runtime and Flash Player affected versions not specified Description: The issue is caused by a buffer overflow. It may allow a remote attacker to execute arbitrary code or cause a denial of service. The vulnerability is also...
Fedora Update for kcolorchooser FEDORA-2013-13499
Check for the Version of kcolorchooser OpenVAS Vulnerability Test Fedora Update for kcolorchooser FEDORA-2013-13499 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...