Lucene search
K

13 matches found

Cvelist
Cvelist
added 2026/06/12 8:26 p.m.30 views

CVE-2026-47264 Discourse: Don't leak restricted tag group names via tag info

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, DetailedTagSerializertaggroupnames returned every tag group a tag belonged to without filtering against the requesting...

5.3CVSS0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-4043

Malware in sbrugna...

5.3CVSS5.3AI score0.00819EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-42473

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.0039EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:7 p.m.6 views

CVE-2022-3870

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. GitLab allows unauthenticated users to download user avatars using the victim's user ID, on private...

5.3CVSS6.5AI score0.007EPSS
Exploits0References1
OSV
OSV
added 2023/07/28 3:27 p.m.20 views

CVE-2023-38685 Discourse's restricted tag information visible to unauthenticated users

Discourse is an open source discussion platform. Prior to version 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches, information about restricted-visibility topic tags could be obtained by unauthorized users. The issue is patched in version 3.0.6 of the stab...

4.3CVSS4.6AI score0.0039EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/07/28 3:27 p.m.17 views

CVE-2023-38685 Discourse's restricted tag information visible to unauthenticated users

Discourse is an open source discussion platform. Prior to version 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches, information about restricted-visibility topic tags could be obtained by unauthorized users. The issue is patched in version 3.0.6 of the stab...

4.3CVSS5AI score0.0039EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/28 12:0 a.m.5 views

Discourse 信息泄露漏洞

Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. An information disclosure vulnerability exists in Discourse, which stems from the fact that information about restricted visibility topic tags could be accessed by an...

4.3CVSS5AI score0.0039EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/28 12:0 a.m.5 views

PT-2023-26549 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches. Description: Discourse is an open source discussion platform. Information about restricted-visibility topic tags could be...

4.3CVSS4.4AI score0.0039EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2023/03/09 12:0 a.m.8 views

CVE-2023-0223

An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. Non-project members could retrieve release descriptions via the API, even if the release visibility is...

5.3CVSS5AI score0.00786EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/04/11 12:0 a.m.5 views

PT-2022-16890 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.8.3 Discourse beta versions prior to 2.9.0.beta4 Description: The issue concerns the erroneous exposure of groups in Discourse, an open source platform for community discussion. When a group with restricted...

5.3CVSS5.1AI score0.00831EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/04/11 12:0 a.m.3 views

Discourse 信息泄露漏洞

Discourse is an open source community discussion platform. The platform includes features such as communities, email, and chat rooms. Discourse suffers from an information disclosure vulnerability that stems from the fact that when a group with restricted visibility is used to set permissions for...

5.3CVSS5.7AI score0.00831EPSS
Exploits0References3
OSV
OSV
added 2021/11/04 11:15 p.m.1 views

UBUNTU-CVE-2021-39903

In all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can change the visibility level of a group or a project to a restricted option even after the instance administrator sets that visibility option as restricted in settings...

6.5CVSS6.6AI score0.01098EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2020/03/10 1:45 p.m.23 views

CVE-2019-12433

Removed by vendor...

5.3CVSS6AI score0.00819EPSS
Exploits0
Rows per page
Query Builder