PT-2026-27992
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 15.4 through 18.8.6; GitLab EE versions 18.9 through 18.9.2; GitLab EE versions 18.10 through 18.10.0. Description: An authenticated user could add email addresses to targeted user accounts due to improper sanitization of HTML...
Linux Distros Unpatched Vulnerability : CVE-2022-3820
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. GitLab was not performing correct...
CVE-2022-22615
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges...
CVE-2025-30458
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to read files outside of its sandbox...
CVE-2025-30449
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain root privileges...
CVE-2025-24207
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to enable iCloud storage features without user consent...
CVE-2025-24204
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...
PT-2025-13942 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.4 Description: A privacy issue was addressed by moving sensitive data to a protected location. An app may be able to observe unprotected user data. Recommendations: For versions prior to 15.4, update to macOS Sequoi...
PT-2025-20755 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.4 Description: The issue allows an app to potentially break out of its sandbox. This was addressed by adding additional logic. Recommendations: For versions prior to 15.4, update to macOS Sequoia 15.4 to resolve the...
PT-2025-14000 · Apple · Macos Sonoma +5
Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.7.5; iOS versions prior to 18.4; iPadOS versions prior to 18.4; tvOS versions prior to 18.4; macOS Sequoia versions prior to 15.4. Description: The issue allows an app to access sensitive user data due to inadequa...
PT-2025-13971 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.4 Description: The issue allows an app to potentially corrupt coprocessor memory due to inadequate bounds checks. The estimated number of potentially affected devices worldwide is not specified. There is no...
PT-2025-13981 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.4 Description: The issue allows an app to potentially access sensitive user data due to inadequate redaction of sensitive information. This issue was addressed with improved redaction of sensitive information...
PT-2025-23208 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.4 Description: The issue was addressed with improved memory handling. An app may be able to corrupt coprocessor memory. Recommendations: For versions prior to 15.4, update to macOS Sequoia 15.4 to resolve the issue...
VulnCheck KEV: CVE-2022-3573
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an attacker can execute...
CVE-2023-0215 affecting package shim-unsigned-x64 15.4-2
CVE-2023-0215 affecting package shim-unsigned-x64 15.4-2. This CVE either no longer is or was never applicable...
BIT-GITLAB-2024-4539 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2 where abusing the API to filter branch and tags could lead to Denial of Service...
CVE-2024-30246 Tuleap deleting or moving an artifact can delete values from unrelated artifacts
Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly gain access to restricted artifacts. It is however not possible to control exactly which...
Information disclosure
Tuleap is an open source suite to improve management of software developments and collaboration. Prior to version 15.5.99.76 of Tuleap Community Edition and prior to versions 15.5-4 and 15.4-7 of Tuleap Enterprise Edition, users with a read access to a tracker where the mass update feature is use...
SolarWinds Serv-U FTP Server Input Validation Error Vulnerability
SolarWinds Serv-U FTP Server is a suite of FTP and MFT file transfer software from the US-based SolarWinds Corporation. An input validation error vulnerability exists in SolarWinds Serv-U FTP Server version 15.4, which originates from allowing an authenticated attacker to insert content on the fi...
CVE-2023-40060
A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely...