
19 matches found

CNNVD
added 2026/06/11 12:0 a.m. · 5 views

GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) Security Vulnerability

GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Versions of GitLab CE/EE prior to 12.10, 18.10.8, 18.11.5, and 19.0.2...

7.5 CVSS · 5.3 AI score · 0.00635 EPSS
Exploits 0 · References 1

OSV
added 2026/04/08 11:16 p.m. · 2 views

UBUNTU-CVE-2026-1092

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service due to improper input validation of JSON payloads...

7.5 CVSS · 5.8 AI score · 0.00515 EPSS
Exploits 0 · References 5

IBM Security Bulletins
added 2026/03/17 10:35 a.m. · 8 views

Security Bulletin: IBM Informix 12.10.xC16W6 updated to use the latest version of Java to address the Java vulnerabilities.

Summary IBM's Java version has been updated to 8.0.8.60 with Informix 12.10.xC16W6 to address multiple IBM Java vulnerabilities Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all...

9.8 CVSS · 6.3 AI score · 0.00572 EPSS
Exploits 1 · Affected Software 1

EUVD
added 2026/01/01 4:14 p.m. · 4 views

EUVD-2026-0013

Release of Invalid Pointer or Reference vulnerability was discovered in fs/inode/fsinoderemove code of the Apache NuttX RTOS that allowed root filesystem inode removal leading to a debug assert trigger that is disabled by default, NULL pointer dereference handled differently depending on the targ...

6.5 AI score · 0.00758 EPSS
Exploits 0 · References 4

Cvelist
added 2025/10/12 4:24 a.m. · 5 views

CVE-2025-52616 HCL Unica 12.1.10 is affected by an exposure of sensitive information

HCL Unica 12.1.10 can expose sensitive system information. An attacker could use this information to form an attack plan by leveraging known vulnerabilities in the application...

5.3 CVSS · 0.00237 EPSS
Exploits 0 · References 1

OSV
added 2025/07/28 4:15 p.m. · 2 views

CVE-2024-49342

IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

7.5 CVSS · 5.8 AI score · 0.00325 EPSS
Exploits 0 · References 1

CNNVD
added 2025/07/28 12:0 a.m. · 2 views

IBM Informix Dynamic Server Security Vulnerability

IBM Informix Dynamic Server (IDS) is a scalable object-relational database server from International Business Machines (IBM) that provides clustered data centers with features such as continuous data availability and disaster recovery. A security vulnerability exists in IBM Informix Dynamic Server...

7.5 CVSS · 6.4 AI score · 0.00325 EPSS
Exploits 0 · References 3

CNNVD
added 2024/11/08 12:0 a.m. · 4 views

Intelligent Freenow Security Vulnerability

Intelligent Freenow is a cab booking software from Intelligent. A security vulnerability exists in Intelligent Freenow version 12.10.0, which stems from the parameter DEFAULTKEYSTOREPASSWORD in the file ch/qos/logback/core/net/ssl/SSL.java that can lead to the use of hard-coded passwords...

7.4 CVSS · 4.8 AI score · 0.0063 EPSS
Exploits 1 · References 4

OSV
added 2023/12/09 3:15 a.m. · 2 views

CVE-2023-28527

IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206...

5.5 CVSS · 6 AI score
Exploits 0 · References 2

SUSE CVE
added 2023/02/15 4:15 a.m. · 4 views

SUSE CVE-2019-8735

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8 CVSS · 8.3 AI score · 0.01899 EPSS
Exploits 0 · References 6

OSV
added 2021/08/08 8:15 p.m. · 1 view

DEBIAN-CVE-2021-38208

net/nfc/llcpsock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call...

5.5 CVSS · 6.2 AI score · 0.00493 EPSS
Exploits 1 · References 1

OSV
added 2021/07/22 7:15 p.m. · 1 view

CVE-2020-7390

Sage X3 Stored XSS Vulnerability on ‘Edit’ Page of User Profile. An authenticated user can pass XSS strings to the "First Name," "Last Name," and "Email Address" fields of this web application component. Updates are available for on-premises versions of Version 12 components shipped with Syracuse...

5.4 CVSS · 5.8 AI score · 0.35792 EPSS
Exploits 6 · References 3

Positive Technologies
added 2021/05/18 12:0 a.m. · 6 views

PT-2021-19813 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 12.6.7 XWiki Platform versions prior to 12.10.3 Description: A user without Script or Programming right is able to execute script requiring privileges by editing gadget titles in the dashboard. Recommendations...

8.8 CVSS · 8.7 AI score · 0.02102 EPSS
Exploits 1 · References 10

Positive Technologies
added 2020/11/18 12:0 a.m. · 3 views

PT-2020-13500 · Gitlab +1 · Gitlab Ce/Ee +2

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.10 through 13.3.8 GitLab CE/EE versions 13.4 through 13.4.4 GitLab CE/EE versions 13.5 through 13.5.1 Description: The Terraform API in GitLab CE/EE exposed the object storage signed URL on the delete operation,...

7.6 CVSS · 7.1 AI score · 0.00756 EPSS
Exploits 0 · References 7

Positive Technologies
added 2020/10/22 12:0 a.m. · 3 views

PT-2020-20830 · Apple · Itunes For Windows +7

Name of the Vulnerable Software and Affected Versions: Apple iOS versions prior to 13.6 Apple iPadOS versions prior to 13.6 Apple macOS Catalina versions prior to 10.15.6 Apple tvOS versions prior to 13.4.8 Apple watchOS versions prior to 6.2.8 Apple iTunes for Windows versions prior to 12.10.8...

7.8 CVSS · 7.3 AI score · 0.01241 EPSS
Exploits 0 · References 11

CNVD
added 2020/09/30 12:0 a.m. · 3 views

GitLab Cross-Site Scripting Vulnerability (CNVD-2020-58040)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in GitLab...

5.4 CVSS · 6.3 AI score · 0.00668 EPSS
Exploits 1 · References 1

CNVD
added 2020/08/17 12:0 a.m. · 2 views

Apple iTunes for Windows ImageIO Out-of-Bounds Write Vulnerability

Apple iTunes for Windows is a Windows-based media player application from Apple. ImageIO is one of the components that reads and writes image data. A security vulnerability exists in the ImageIO component in Apple iTunes for Windows versions prior to 12.10.8. The vulnerability can be exploited to...

7.8 CVSS · 7.5 AI score · 0.01241 EPSS
Exploits 0 · References 1

Positive Technologies
added 2020/07/21 12:0 a.m. · 9 views

PT-2020-20843 · Apple +7 · Ipados +13

Name of the Vulnerable Software and Affected Versions: Apple iOS versions prior to 13.6 Apple iPadOS versions prior to 13.6 Apple tvOS versions prior to 13.4.8 Apple watchOS versions prior to 6.2.8 Apple Safari versions prior to 13.1.2 Apple iTunes for Windows versions prior to 12.10.8 Apple iClo...

9.8 CVSS · 8.6 AI score · 0.77246 EPSS
Exploits 9 · References 361

Positive Technologies
added 2020/03/27 12:0 a.m. · 4 views

PT-2020-12446 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 12.10 Description: The issue is related to a potential Denial of Service (DoS) in repository archive download. Recommendations: For versions prior to 12.10, update to version 12.10 or later to resolve the issue...

7.5 CVSS · 7.2 AI score · 0.01148 EPSS
Exploits 0 · References 10