23 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-1265
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions...
Linux Distros Unpatched Vulnerability : CVE-2021-22205
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a fil...
Linux Distros Unpatched Vulnerability : CVE-2021-22223
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT requests on behalf o...
GitLab 11.9 < 15.9.6 / 15.10 < 15.10.5 / 15.11 < 15.11.1 (CVE-2023-1265)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. The...
bind security update
bind: 32:9.16.23-14.4 - Rebuild with correct z-stream tag again; 32:9.16.23-14.3 - Rebuild together with bind-dyndb-ldap to adjust ABI changes; 32:9.16.23-14.2 - Import tests for large DNS messages fix - Add downstream change complementing CVE-2023-50387; 32:9.16.23-14.1 - Prevent increased CPU load ...
CVE-2024-25320
Tongda OA v2017 and up to v11.9 was discovered to contain a SQL injection vulnerability via the $AFF_ID parameter at /affair/delete.php...
TONGDA Office Anywhere Security Breach
TONGDA Office Anywhere is a collaborative office OA system. A security vulnerability exists in TONGDA Office Anywhere v2017 11.9 and earlier versions, which originates from a SQL injection vulnerability in the file /affair/delete.php...
PT-2024-20888 · Tongda Oa · Tongda Oa
Name of the Vulnerable Software and Affected Versions: Tongda OA versions v2017 through v11.9 Description: The issue is related to a SQL injection vulnerability. It can be exploited via the $AFF_ID parameter at the "/affair/delete.php" API endpoint. Recommendations: For Tongda OA versions v2017...
GitLab 11.9 < 13.11.6 / 13.12 < 13.12.6 / 14.0 < 14.0.2 (CVE-2021-22223)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT requests on behalf of other users via clicking on a link...
PT-2024-14859 · WordPress · Wp Tripadvisor Review Slider
Name of the Vulnerable Software and Affected Versions: WP TripAdvisor Review Slider WordPress plugin versions prior to 11.9 Description: The WP TripAdvisor Review Slider WordPress plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to...
CVE-2023-7020 Tongda OA 2017 view.php sql injection
A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. This issue affects some unknown processing of the file general/wiki/cp/ct/view.php. The manipulation of the argument TEMP_ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclos...
WordPress CSS & JavaScript Toolbox Plugin <= 11.8 is vulnerable to Cross Site Scripting (XSS)
Software: CSS & JavaScript Toolbox; Type: Plugin; Vulnerable versions: <= 11.8; Fixed in: 11.9; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-50823; Patch priority: Low; CVSS severity: Low (6.5); PSID: 61031c39a340; Credits: Ngô Thiên An ancorn from VNPT-V...
Trellix Data Loss Prevention Code Issue Vulnerability
Trellix Data Loss Prevention (Trellix DLP) is a data loss prevention solution from American FireEye Trellix. It provides a comprehensive scan of inbound and outbound network traffic on all ports, protocols, etc. A security vulnerability exists in the Trellix Data Loss Prevention 11.9.x series of...
Design/Logic Flaw
An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all versions starting from 14.6.0 before 14.6.4, all versions starting from 14.7.0 before 14.7.1. GitLab was not correctly handling bulk requests to delete existing packages from the package registries...
CVE-2022-0477
An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all versions starting from 14.6.0 before 14.6.4, all versions starting from 14.7.0 before 14.7.1. GitLab was not correctly handling bulk requests to delete existing packages from the package registries...
CVE-2022-0477
Removed by vendor...
Exploit for Code Injection in Gitlab
Vuln Impact An issue has been discovered in GitLab CE/EE af...
Denial of service
A Denial Of Service vulnerability in the apollo_upload_server Ruby gem in GitLab CE/EE all versions starting from 11.9 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to deny access to all users via specially crafted...
PostgreSQL < 9.5.23, 9.6.x < 9.6.19, 10.x < 10.14, 11.x < 11.9, 12.x < 12.4 Search Path Vulnerability - Linux
PostgreSQL is prone to an uncontrolled search path element vulnerability in CREATE EXTENSION.
Security fix for the ALT Linux 8 package postgresql11 version 11.9-alt0.M80P.1
11.9-alt0.M80P.1 built Aug. 20, 2020 by Alexei Takaseev in task 256188. Aug. 12, 2020, Alexei Takaseev: 11.9 - Fixes CVE-2020-14349, CVE-2020-14350...