6 matches found
XWiki DeleteApplication - Cross-Site Scripting
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 6.2-milestone-1 through 16.10.9 and 17.0.0-rc-1 through 17.4.1 of both XWiki Platform Flamingo Skin Resources and XWiki Platform Web Templates are vulnerable to a reflected XSS attack...
CVE-2024-5005
GitLab CVE-2024-5005 affects GitLab EE/CE with version ranges: 11.4–17.2.8, 17.3–17.3.4, and 17.4–17.4.1. Affects guests who could disclose project templates via the API. The issue is fixed in GitLab in the following patched releases: 17.2.9, 17.3.5, and 17.4.2. If you are using any vulnerable ve...
CVE-2024-9164
The CVE-2024-9164 entry affects GitLab Enterprise Edition. The issue allows running pipelines on arbitrary branches across all versions starting from 12.5 up to but not including 17.2.9, from 17.3 up to but not including 17.3.5, and from 17.4 up to but not including 17.4.2. The underlying problem...
CVE-2024-9164 Missing Authentication for Critical Function in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 12.5 prior to 17.2.9, starting from 17.3, prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows running pipelines on arbitrary branches...
GitLab 8.16 < 17.2.9 / 17.3 < 17.3.5 / 17.4 < 17.4.2 (CVE-2024-9623)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows deploy keys ...
Null pointer dereference
Adobe InDesign versions 19.0 and earlier and 17.4.2 and earlier are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requir...