SUSE-SU-2025:01783-2 Security update for postgresql17

This update for postgresql17 fixes the following issues: Upgrade to 17.5: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/...

SUSE SLES12 Security Update : postgresql17 (SUSE-SU-2025:01765-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:01765-1 advisory. Upgrade to 17.5: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation...

SUSE-SU-2025:01783-1 Security update for postgresql17

This update for postgresql17 fixes the following issues: Upgrade to 17.5: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/...

OPENSUSE-SU-2025:15151-1 libecpg6-17.5-1.1 on GA media

These are all security issues fixed in the libecpg6-17.5-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE-SU-2025:01644-1 Security update for postgresql17

This update for postgresql17 fixes the following issues: Upgrade to 17.5: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/...

GitLab 17.5 < 17.6.5 / 17.7 < 17.7.4 / 17.8 < 17.8.2 (CVE-2025-1540)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting all versions from 17.5 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2. It was possible...

PT-2024-10153 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.7 through 17.4.6 GitLab CE/EE versions 17.5 through 17.5.4 GitLab CE/EE versions 17.6 through 17.6.2 Description: An issue has been discovered in GitLab CE/EE that may have allowed an attacker with a victim's CI JOB...

UBUNTU-CVE-2024-10240

An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7, all versions starting from 17.4 before 17.4.4, all versions starting from 17.5 before 17.5.2 in which an unauthenticated user may be able to read some information about an MR in a private project,...

GitLab 17.3 < 17.3.7 / 17.4 < 17.4.4 / 17.5 < 17.5.2 (CVE-2024-10240)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7, all versions starting from 17.4 before 17.4.4, all versions starting from 17.5 before 17.5.2 in which...

CVE-2024-8648 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could allow an attacker to inject malicious JavaScript code in Analytics Dashboards through a specially crafted URL...

CVE-2024-8180

An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. Improper output encoding could lead to XSS if CSP is not enabled...

GitLab Enterprise Edition（EE）和GitLab Community Edition（CE） 跨站脚本漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A cross-site scripting vulnerability exists in GitLab Enterprise Edition EE and GitLab...

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 17.5 and iPadOS version 17.5, which stems from the handling of...

Apple Safari Security Update (HT214103)

Apple Safari is prone to an unknown vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...

Microsoft Visual Studio 安全漏洞

Microsoft Visual Studio is a family of development tool suites and a fundamentally complete set of development tools from Microsoft Corporation USA that includes most of the tools needed throughout the software lifecycle. A security vulnerability exists in Microsoft Visual Studio. The following...