42 matches found
PT-2026-34339
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix leak of kobject name for sub-group space info When create space info sub group allocates elements of space info-sub group, kobject init and add is called for each element via btrfs sysfs add space info type. However,...
SUSE CVE-2025-71233
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...
CVE-2025-71233
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...
CVE-2025-71233
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...
PT-2026-20442
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to PCI endpoint sub-group creation. Asynchronous creation of sub-groups via delayed work could result in a NULL pointer dereference if the...
CVE-2023-6564
An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or...
Design/Logic Flaw
An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or...
UBUNTU-CVE-2023-6564
An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or...
CVE-2023-6564 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or...
CVE-2023-6564
Removed by vendor...
CVE-2023-6564 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or...
PT-2023-8538 · Gitlab · Gitlab Ee Ultimate +2
Name of the Vulnerable Software and Affected Versions: GitLab EE Premium and Ultimate versions 16.4.3 through 16.6.1 Description: The issue is related to inadequate access control in GitLab, allowing subgroup members with the Developer role to potentially push or merge to protected branches in...
SUSE CVE-2016-1283
The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer overflow or...
SA40145 - [Pulse Secure] January 28th 2016 OpenSSL Security Advisory
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On January 28th 2016 the OpenSSL project announced two new security advisories. The OpenSSL advisory can be found at the following link: https://www.openssl.org/news/secadv/20160128.tx...
Cyberespionage APT Now Identified as Three Separate Actors
A threat group responsible for sophisticated cyberespionage attacks against U.S. utilities is actually comprised of three subgroups, all with their own toolsets and targets, that have been operating globally since 2018, researchers have found. TA410 is a cyberespionage umbrella group loosely link...
Anuko Time Tracker SQL Injection Vulnerability
Anuko Time Tracker is an open source time counting system for individual developers. A platform used to count employee time spent on various tasks, Anuko Time Tracker is vulnerable to a SQL injection vulnerability that stems from the group and status parameters in the groups.php file not being...
CVE-2021-39883
Improper authorization checks in all versions of GitLab EE starting from 13.11 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 allows subgroup members to see epics from all parent subgroups...
Authorization
Improper authorization checks in all versions of GitLab EE starting from 13.11 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 allows subgroup members to see epics from all parent subgroups...
CVE-2021-39883
Improper authorization checks in all versions of GitLab EE starting from 13.11 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 allows subgroup members to see epics from all parent subgroups...
UBUNTU-CVE-2021-39883
Improper authorization checks in all versions of GitLab EE starting from 13.11 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 allows subgroup members to see epics from all parent subgroups...