Vulnerabilities managed in GitLab Enterprise Edition

GitLab has identified several vulnerabilities in the GitLab Community Edition and Enterprise Edition versions, ranging from 12.0 to 19.0.2, including important releases such as 17.x, 18.10.8, 18.11.5, and 19.0.2. These vulnerabilities affect various components of GitLab CE & EE. Authorized users...

CVE-2017-13314

In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with...

CVE-2017-13314

In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with...

CVE-2017-13314

In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with...

PT-2021-2044 · Microsoft · Microsoft.Powershell.Utility +1

Name of the Vulnerable Software and Affected Versions: Microsoft.PowerShell.Utility Module affected versions not specified Description: The issue is related to errors in security settings, allowing a remote attacker to bypass existing protection mechanisms. This security-feature bypass...

KLA10729 Privilege escalation vulnerability in WinRAR

Improper files handling was found in WinRAR. By exploiting this vulnerability malicious users can execute arbitrary code with WinRAR privileges. This vulnerability can be exploited remotely via a specially designed archive. Technical details This vulnerability related to two WinRAR functions:one...