Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-31643

Malicious code in bioql PyPI...

8.1CVSS6.3AI score0.00355EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:52 a.m.3 views

CVE-2024-3035

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

8.1CVSS6.3AI score0.00355EPSS
Exploits0References1
NVD
NVD
added 2024/08/08 11:15 a.m.25 views

CVE-2024-3035

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

8.1CVSS0.00355EPSS
Exploits0References2
OSV
OSV
added 2024/08/08 11:15 a.m.11 views

UBUNTU-CVE-2024-3035

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

8.1CVSS5.8AI score0.00355EPSS
Exploits0References4
CVE
CVE
added 2024/08/08 10:31 a.m.101 views

CVE-2024-3035

CVE-2024-3035 is a GitLab CE/EE permission-check vulnerability affecting all versions from 8.12 up to 17.0.6, 17.1 up to 17.1.4, and 17.2 up to 17.2.2, allowing LFS tokens to read and write to user-owned repositories. Root cause: permission check flaw in the LFS path. Impact: read/write access to...

8.1CVSS6.3AI score0.00355EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/08/08 10:31 a.m.14 views

CVE-2024-3035 Authorization Bypass Through User-Controlled Key in GitLab

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

6.8CVSS6.3AI score0.00355EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/07 12:0 a.m.3 views

PT-2024-5510 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.12 through 17.0.5 GitLab CE/EE versions 17.1 through 17.1.3 GitLab CE/EE versions 17.2 through 17.2.1 Description: The issue is related to an error in handling LFS tokens, which can be exploited by a remote attacker to...

8.1CVSS6.7AI score0.00355EPSS
Exploits0References15
OSV
OSV
added 2022/05/14 2:47 a.m.27 views

GHSA-CGVF-22VV-83H5 Apache James Server OS Command Injection

Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors...

8.1CVSS8.2AI score0.68603EPSS
Exploits5References7
Github Security Blog
Github Security Blog
added 2022/05/14 2:47 a.m.31 views

Apache James Server OS Command Injection

Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors...

9.3CVSS7.7AI score0.68603EPSS
Exploits5References8Affected Software1
NVD
NVD
added 2016/06/07 2:6 p.m.10 views

CVE-2015-7611

Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors...

9.3CVSS8.3AI score0.68603EPSS
Exploits5References6
Prion
Prion
added 2016/06/07 2:6 p.m.20 views

Design/Logic Flaw

Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors...

9.3CVSS7.8AI score0.68603EPSS
Exploits5References6Affected Software1
Cvelist
Cvelist
added 2016/06/07 2:0 p.m.30 views

CVE-2015-7611

Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors...

8.3AI score0.68603EPSS
Exploits5References6
exploitpack
exploitpack
added 2014/11/14 12:0 a.m.63 views

Gogs - usersrepos ?q SQL Injection

Gogs - usersrepos ?q SQL Injection Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go. taken from 1 It is very simili...

7.5CVSS7.6AI score0.33391EPSS
Exploits5
Cvelist
Cvelist
added 2005/12/04 10:0 p.m.17 views

CVE-2004-2633

Unspecified vulnerability in Sesamie 1.0 allows remote anonymous attackers to gain access to repositories of other users via unknown vectors...

6.8AI score0.01245EPSS
Exploits0References6
NVD
NVD
added 2004/12/31 5:0 a.m.12 views

CVE-2004-2633

Unspecified vulnerability in Sesamie 1.0 allows remote anonymous attackers to gain access to repositories of other users via unknown vectors...

5.1CVSS6.8AI score0.01245EPSS
Exploits0References6
Rows per page
Query Builder