14 matches found
CVE-2025-58059 Valtimo scripting engine can be used to gain access to sensitive data or resources
Valtimo is a platform for Business Process Automation. In versions before 12.16.0.RELEASE, and from 13.0.0.RELEASE to before 13.1.2.RELEASE, any admin that can create or modify and execute process-definitions could gain access to sensitive data or resources. This includes but is not limited to:...
Linux Distros Unpatched Vulnerability : CVE-2021-22188
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in GitLab were readable by an unauthorised user via...
VulnCheck KEV: CVE-2021-4191
An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2. Private GitLab instances with restricted sign-ups may be vulnerable to user enumeration to unauthenticated users through the GraphQL API...
Citrix Application Delivery Management Security Vulnerability
Citrix Application Delivery Management (ADM) is an application delivery management system from Citrix. The system provides centralized network and application management functions. A security vulnerability exists in Citrix Application Delivery Management that originates from allowing an...
PT-2022-11502 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.0 through 14.6.5 GitLab CE/EE versions 14.7 through 14.7.4 GitLab CE/EE versions 14.8 through 14.8.2 Description: An issue has been discovered in GitLab CE/EE that may allow a remote, unauthenticated attacker to acces...
PT-2021-14924 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 13.0 through 14.0.8 GitLab versions 14.1 through 14.1.3 GitLab versions 14.2 through 14.2.1 Description: An issue has been discovered in GitLab where a user account with 'external' status, granted the 'Maintainer' role on any...
UBUNTU-CVE-2021-39878
A stored Reflected Cross-Site Scripting vulnerability in the Jira integration in GitLab version 13.0 up to 14.3.1 allowed an attacker to execute arbitrary javascript code...
PT-2021-22724 · Gitlab +1 · Gitlab +1
Name of the Vulnerable Software and Affected Versions: GitLab versions 13.0 through 14.3.1 Description: A stored Reflected Cross-Site Scripting issue in the Jira integration allows an attacker to execute arbitrary javascript code. Recommendations: For GitLab versions 13.0 through 14.3.1, update t...
GitLab Cross-Site Scripting Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to view a project's file contents, commit history, bug lists, and more. GitLab suffers from a cross-site scripting vulnerability th...
PT-2023-12545 · Odoo +1 · Odoo Community +2
Name of the Vulnerable Software and Affected Versions: Odoo Community versions 13.0 and earlier Odoo Enterprise versions 13.0 and earlier Description: The issue is related to improper access control, allowing users with deactivated accounts to access the system using their deactivated account and...
CVE-2020-8257
Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, leads to privilege escalation attacks...
CVE-2020-8258
Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, allows an attacker to modify arbitrary files...
CVE-2018-15311
When F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.5.1-11.5.6 is processing specially crafted TCP traffic with the Large Receive Offload (LRO) feature enabled, TMM may crash, leading to a failover event. This vulnerability is not exposed unless LRO is enabled, so most affected...
Slackware Advisory SSA:2011-068-02 mozilla-firefox
The remote host is missing an update as announced via advisory SSA:2011-068-02. OpenVAS Vulnerability Test $Id: esoftslkssa201106802.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright (c) 2012...