BIT-GITLAB-2024-4660 Missing Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates...

Dell 2335dn printer Weak Password Requirements (CVE-2018-15748)

On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, Engine Firmware Version 1.10.65, and Network Firmware Version V4.02.152335dn MFP 11-22-2010, the admin interface allows an authenticated attacker to retrieve the configured SMTP or LDAP password by viewing the HTML source code of t...

CVE-2024-4660

CVE-2024-4660 concerns GitLab Enterprise Edition (EE). Affected: all versions 11.2–17.1.7, 17.2 up to 17.2.5, and 17.3 up to 17.3.2. Description: a guest could read the source code of a private project by exploiting group templates. Impact: confidentiality loss of private project source code. The...

CVE-2024-4660 Missing Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates...

CVE-2024-4660 Missing Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates...

CVE-2024-4660 Missing Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates...

GitLab 11.2 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-4660)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was...

openSUSE Security Advisory (SUSE-SU-2024:3173-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-27257

IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users...

IBM OpenPages 安全漏洞

IBM OpenPages is an AI-driven, highly scalable governance, risk and compliance GRC solution from International Business Machines IBM. A security vulnerability exists in IBM OpenPages versions 8.3 and 9.0 that stems from the potential to disclose information about client source code to unauthorize...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache2 (SUSE-SU-2024:3173-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3173-1 advisory. - CVE-2024-38474: Fixed substitution encoding issue in modrewrite bsc1227278 - CVE-2024-38473:...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache2 (SUSE-SU-2024:3172-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3172-1 advisory. - CVE-2024-38474: Fixed substitution encoding issue in modrewrite bsc1227278 - CVE-2024-38473:...

SUSE-SU-2024:3173-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2024-38474: Fixed substitution encoding issue in modrewrite bsc1227278 - CVE-2024-38473: Fixed encoding problem in modproxy bsc1227276 - CVE-2024-39884: Fixed source code disclosure with handlers configured via AddType bsc1227353...

SUSE-SU-2024:3172-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2024-38474: Fixed substitution encoding issue in modrewrite bsc1227278 - CVE-2024-38473: Fixed encoding problem in modproxy bsc1227276 - CVE-2024-39884: Fixed source code disclosure with handlers configured via AddType bsc1227353...

Pharmacy Management System version 1.0 Insecure Settings

==================================================================================================================================== | Title : Pharmacy Management System version 1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

PDF Generator Web Application 1.0 Insecure Settings

==================================================================================================================================== | Title : PDF Generator Web Application v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

CVE-2024-34155

A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion. Mitigation Mitigation for this issue is either not available or the currently available options do n...

CVE-2024-34155

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...

CVE-2024-34155

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...

CVE-2024-34155

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...