
40 matches found

Vulnrichment
added 2026/03/10 12:17 a.m. | 2 views

CVE-2026-24316 Server-Side Request Forgery (SSRF) in SAP NetWeaver Application Server for ABAP

SAP NetWeaver Application Server for ABAP provides an ABAP Report for testing purposes, which allows to send HTTP requests to arbitrary internal or external endpoints. The report is therefore vulnerable to Server-Side Request Forgery SSRF. Successful exploitation could lead to interaction with...

CVSS 6.4 | AI score 5.9 | EPSS 0.0004
Exploits 0 | References 2

ATTACKERKB
added 2026/03/10 12:17 a.m. | 2 views

CVE-2026-24316

SAP NetWeaver Application Server for ABAP provides an ABAP Report for testing purposes, which allows to send HTTP requests to arbitrary internal or external endpoints. The report is therefore vulnerable to Server-Side Request Forgery SSRF. Successful exploitation could lead to interaction with...

CVSS 6.4 | AI score 5.9 | EPSS 0.0004
Exploits 0 | References 3

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-52821

Malicious code in bioql PyPI...

CVSS 8.5 | AI score 6.6 | EPSS 0.00627
Exploits 1 | References 5

Tenable Nessus
added 2025/08/30 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-53103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git...

CVSS 5.8 | AI score 5.8 | EPSS 0.00045
Exploits 0 | References 2

SUSE CVE
added 2025/07/02 11:21 p.m. | 1 views

SUSE CVE-2025-53103

JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...

CVSS 5.8 | AI score 6.8 | EPSS 0.00045
Exploits 0 | References 3

OSV
added 2025/07/01 6:2 p.m. | 3 views

CVE-2025-53103 JUnit OpenTestReportGeneratingListener can leak Git credentials

JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...

CVSS 5.8 | AI score 6.5 | EPSS 0.00045
Exploits 0 | References 4

RedhatCVE
added 2025/05/23 7:40 a.m. | 6 views

CVE-2024-55653

PwnDoc is a penetration test report generator. In versions up to and including 0.5.3, an authenticated user is able to crash the backend by raising a UnhandledPromiseRejection on audits which exits the backend. The user doesn't need to know the audit id, since a bad audit id will also raise the...

CVSS 6.5 | AI score 6.7 | EPSS 0.00505
Exploits 1 | References 1

RedhatCVE
added 2025/05/23 2:50 a.m. | 1 views

CVE-2023-0121

A denial of service issue was discovered in GitLab CE/EE affecting all versions starting from 13.2.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2 which allows an attacker to cause high resource consumption using malicious test repo...

CVSS 7.5 | AI score 6.7 | EPSS 0.01327
Exploits 0 | References 1

RedhatCVE
added 2025/05/23 2:5 a.m. | 4 views

CVE-2023-6678

An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file...

CVSS 6.5 | AI score 6.4 | EPSS 0.00023
Exploits 0 | References 1

Tenable Nessus
added 2025/03/05 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-47379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd KASAN reports a...

CVSS 7.8 | AI score 6.3 | EPSS 0.00013
Exploits 0 | References 2

Tenable Nessus
added 2025/02/10 12:0 a.m. | 5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-46714)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46714 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip wbsclsetscalerfilt...

CVSS 5.5 | AI score 5.8 | EPSS 0.00022
Exploits 0 | References 2

NVD
added 2024/12/10 11:15 p.m. | 11 views

CVE-2024-55653

PwnDoc is a penetration test report generator. In versions up to and including 0.5.3, an authenticated user is able to crash the backend by raising a UnhandledPromiseRejection on audits which exits the backend. The user doesn't need to know the audit id, since a bad audit id will also raise the...

CVSS 6.5 | EPSS 0.00505
Exploits 1 | References 1

CVE
added 2024/12/10 10:56 p.m. | 72 views

CVE-2024-55653

CVE-2024-55653 affects the PwnDoc open-source tool, with versions up to and including 0.5.3. The root issue is an authentication-bypassable path that can raise an UnhandledPromiseRejection on audits, causing the backend to crash. This makes the entire application unresponsive and unusable for all...

CVSS 6.5 | AI score 6.8 | EPSS 0.00505
Exploits 1 | References 1 | Affected Software 1

Tenable Nessus
added 2024/11/14 12:0 a.m. | 17 views

Fedora 41 : krb5 (2024-36514cd080)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-36514cd080 advisory. Automatic update for krb5-1.21.2-6.fc41. Changelog Mon Jul 8 2024 Julien Rische - 1.21.2-6 - CVE-2024-37370 CVE-2024-37371: GSS message token handli...

CVSS 9.1 | AI score 7.3 | EPSS 0.02606
Exploits 0 | References 3

Hacker One
added 2024/09/16 4:20 a.m. | 157 views

mycompany VDP: This test report has been disclosed by 20_root.

This test report has been disclosed by 20root. ████...

AI score 7.1
Exploits 0

Tenable Nessus
added 2024/04/19 12:0 a.m. | 23 views

GitLab 0 < 16.8.6 / 16.9 < 16.9.4 / 16.10 < 16.10.2 (CVE-2023-6678)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an...

CVSS 6.5 | AI score 5.5 | EPSS 0.00023
Exploits 0 | References 4

OSV
added 2024/04/16 7:22 a.m. | 16 views

BIT-GITLAB-2023-6678 Inefficient Regular Expression Complexity in GitLab

An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file...

CVSS 6.5 | AI score 5 | EPSS 0.00023
Exploits 0 | References 3

NVD
added 2024/04/12 1:15 a.m. | 13 views

CVE-2023-6678

An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file...

CVSS 6.5 | AI score 4.6 | EPSS 0.00023
Exploits 0 | References 2

OSV
added 2024/04/12 12:53 a.m. | 26 views

CVE-2023-6678 Inefficient Regular Expression Complexity in GitLab

An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file...

CVSS 4.3 | AI score 6.1 | EPSS 0.00023
Exploits 0 | References 5

Tenable Nessus
added 2024/04/11 12:0 a.m. | 22 views

FreeBSD : Gitlab -- Patch Release: 16.10.2, 16.9.4, 16.8.6 (dad6294c-f7c1-11ee-bb77-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the dad6294c-f7c1-11ee-bb77-001b217b3468 advisory. - Gitlab reports: Stored XSS injected in diff viewer Stored XSS via autocomplete results Redos...

CVSS 8.7 | AI score 5.4 | EPSS 0.00686
Exploits 2 | References 6