12 matches found
GitLab 16.6 < 17.9.7 / 17.10 < 17.10.5 / 17.11 < 17.11.1 (CVE-2025-1908)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before...
CVE-2025-0555 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
A cross-site scripting (XSS) vulnerability in GitLab-EE affecting all versions from 16.6 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows an attacker to bypass security controls and execute arbitrary scripts in a user's browser under specific conditions...
WordPress plugin Storely cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...
CVE-2024-10800
The WordPress User Extra Fields plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the ajaxsavefields function in all versions up to, and including, 16.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to ad...
WordPress plugin User Extra Fields security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPress...
PT-2023-26773 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 16.0 through 16.4.3; GitLab EE versions 16.5 through 16.5.3; GitLab EE versions 16.6 through 16.6.1. Description: A privilege escalation issue in GitLab EE allows a project Maintainer to use a Project Access Token to escalate...
CVE-2023-3964
Removed by vendor...
Apple Safari security vulnerability
Apple Safari is a web browser from Apple Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. A security vulnerability exists in Apple Safari version 16.6, which originates from an application that may be able to execute arbitrary code using kernel privileges...
Apple TV < 16.6 Multiple Vulnerabilities (HT213846)
According to its banner, the version of Apple TV on the remote device is prior to 16.6. It is therefore affected by multiple vulnerabilities as described in the HT213846 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid178942; scriptversion"1.2";...
Apple Safari Security Updates (HT213847)
Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...
Code injection
XSS in Yandex Browser BookReader in Yandex Browser for desktop, in versions before 16.6, could be used by a remote attacker to evaluate arbitrary JavaScript code...
AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection
Exploit for perl platform in category web applications Exploit Title: AKIPS Network Monitor 15.37-16.6 OS Command Injection Date: 03-14-2016 Exploit Author: BrianWGray Contact: https://twitter.com/BrianWGray WebPage: http://somethingbroken.com/ Vendor Homepage: https://www.akips.com/ Software Lin...