17 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-6063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that under certain...
CVE-2026-1751
A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions...
UBUNTU-CVE-2026-1751
A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions...
CVE-2026-1751 Missing Authorization in GitLab
A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions...
CVE-2026-1751 Missing Authorization in GitLab
A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions...
EUVD-2026-5136
A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions...
PT-2026-5647
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.8 through 18.4.9. Description: A security issue exists in GitLab CE/EE that may allow unauthorized modification of merge request approval rules under specific circumstances. The issue affects the processing of approval...
EUVD-2024-21409
Malicious code in bioql PyPI...
CVE-2024-23983
Improper handling of canonical URL-encoding may lead to bypass not properly constrained by request rules...
CVE-2024-23983
Improper handling of canonical URL-encoding may lead to bypass not properly constrained by request rules...
CVE-2024-23983 Access rules for PingAccess may be circumvented with URL-encoded characters
Improper handling of canonical URL-encoding may lead to bypass not properly constrained by request rules...
CVE-2024-23983 Access rules for PingAccess may be circumvented with URL-encoded characters
Improper handling of canonical URL-encoding may lead to bypass not properly constrained by request rules...
CVE-2024-23983
CVE-2024-23983 concerns Ping Identity PingAccess where improper handling of canonical URL-encoding may bypass request rules. Affected component is PingAccess (central policy engine) with vulnerability enabling bypass due to URL-encoded characters not properly constrained by access rules. Public s...
PT-2024-20219 · Ping Identity · PingAccess
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves improper handling of canonical URL-encoding, which may lead to bypassing request rules that are not properly constrained...
Design/Logic Flaw
Interpretation conflict in ModSecurity modsecurity 2.1.0 and earlier allows remote attackers to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ 0x00 byte, which modsecurity treats as a terminator even though it is still processed as normal data by some...
CVE-2007-1359
Interpretation conflict in ModSecurity modsecurity 2.1.0 and earlier allows remote attackers to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ 0x00 byte, which modsecurity treats as a terminator even though it is still processed as normal data by some...
CVE-2007-1359
ModSecurity (mod_security)