16 matches found
RHSA-2026:19182 Red Hat Security Advisory: mariadb:11.8 security update
Bulletin has no description...
EUVD-2019-8207
Malware in sbrugna...
EUVD-2013-5539
Malware in sbrugna...
BIT-GITLAB-2024-6595 Uncontrolled Search Path Element in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2 where it was possible to upload an NPM package with conflicting package data...
PT-2024-19137 · Netapp · Storagegrid
Name of the Vulnerable Software and Affected Versions: StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8. Description: The issue is a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to an out of memory condition or node reboot...
CVE-2023-2233
Removed by vendor...
GitLab 11.8 < 16.2.8 / 16.3 < 16.3.5 / 16.4 < 16.4.1 (CVE-2023-2233)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting fro...
GitLab Enterprise Edition Security Vulnerability
GitLab Enterprise Edition (EE) is a content management system from GitLab, Inc. in the United States. A security vulnerability exists in GitLab Enterprise Edition that stems from improper authorization management. The following versions are affected: version 11.8 through versions prior to 16.2.8,...
CVE-2023-34465 XWiki Platform's Mail.MailConfig can be edited by any user with edit rights
XWiki Platform is a generic wiki platform. Starting in version 11.8-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.2, Mail.MailConfig can be edited by any logged-in user by default. Consequently, they can change the mail obfuscation configuration and view and edit the mail sending...
WordPress plugin WP Google Review Slider SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerability exists i...
Code injection
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak the sentry token by changing the configured URL in the Sentry error...
Cross site scripting
An issue has been discovered in GitLab affecting versions from 11.8 before 12.10.13. GitLab was vulnerable to a stored XSS in the error tracking feature...
CVE-2020-13336
An issue has been discovered in GitLab affecting versions from 11.8 before 12.10.13. GitLab was vulnerable to a stored XSS in the error tracking feature...
Information disclosure
An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.7.7 and 11.8.x before 11.8.3. It allows Information Disclosure...
Adobe Flash Player - Type Confusion Remote Code Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Adobe Flash Player Type Confusion Remote Code Execution", 'Description' = %q This module exploits a type confusion vulnerability foun...
Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 (Feb 2014) - Mac OS X
Adobe Flash Player is prone to multiple security bypass vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...