Lucene search
K

11 matches found

Github Security Blog
Github Security Blog
added 3 days ago5 views

Apollo Portal: There is a risk of unauthorized access to the Apollo configuration center

Summary Apollo Portal versions before 2.5.0 do not verify application and namespace permissions when an authenticated user requests a release by ID through GET /envs/env/releases/releaseId. When configView.memberOnly.envs is enabled for the requested environment, a low-privileged Portal user can...

6.5CVSS6.1AI score
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago6 views

PT-2026-60060

Summary Apollo Portal versions before 2.5.0 do not verify application and namespace permissions when an authenticated user requests a release by ID through GET /envs/env/releases/releaseId. When configView.memberOnly.envs is enabled for the requested environment, a low-privileged Portal user can...

6.5CVSS6.1AI score
Exploits0References7
NVD
NVD
added 2026/07/03 9:16 p.m.9 views

CVE-2026-27660

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

7.5CVSS0.00345EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/03 8:19 p.m.6 views

EUVD-2026-41633

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

5.9AI score0.00345EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.7 views

CVE-2026-27660

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...

5.9AI score0.00345EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55601

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description Draft release data or attachments can be accessed by users who do not possess the necessary write permissions. Recommendations Update to version 1.25.5 or later...

7.5CVSS6.1AI score0.00345EPSS
Exploits0References7
NVD
NVD
added 2025/12/08 11:15 p.m.7 views

CVE-2025-64497

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not...

6.5CVSS0.00244EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.8 views

PT-2025-49605

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not...

6.5CVSS6.5AI score0.00244EPSS
Exploits0References5
OSV
OSV
added 2025/02/26 7:0 a.m.2 views

DEBIAN-CVE-2022-49093

In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for pagepool fragment recycling Fix a use-after-free when using pagepool with page fragments. We encountered this problem during normal RX in the hns3 driver: 1 Initially we have three descriptors in the RX...

7.8CVSS5.5AI score0.00244EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2015/12/09 12:0 a.m.6 views

PT-2015-2830 · Adobe +3 · Integrated Runtime +4

Name of the Vulnerable Software and Affected Versions: Adobe Integrated Runtime and Flash Player affected versions not specified Description: The issue is caused by a buffer overflow. It may allow a remote attacker to execute arbitrary code or cause a denial of service. The vulnerability is also...

10CVSS9.3AI score0.43408EPSS
Exploits21References446
OpenVAS
OpenVAS
added 2013/08/01 12:0 a.m.20 views

Fedora Update for kcolorchooser FEDORA-2013-13499

Check for the Version of kcolorchooser OpenVAS Vulnerability Test Fedora Update for kcolorchooser FEDORA-2013-13499 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

7.5CVSS0.1AI score0.04412EPSS
Exploits1References2
Rows per page
Query Builder