Code injection

An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. Access tokens may have been logged when a query was made to a specific endpoint...

PT-2022-11092 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 14.3 through 14.3.6 GitLab CE/EE versions 14.4 through 14.4.4 GitLab CE/EE versions 14.5 through 14.5.2 Description: The issue is related to the improper neutralization of user input, allowing an attacker to exploit XSS ...

PT-2021-22751 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.1 through 14.2.6 GitLab CE/EE versions 14.3 through 14.3.4 GitLab CE/EE versions 14.4 through 14.4.1 Description: The issue is related to an Improper Access Control vulnerability in the GraphQL API. This vulnerability...

Apple tvOS 缓冲区错误漏洞

Apple tvOS is an operating system for Smart TVs from Apple Inc. in the United States. tvOS suffers from a buffer error vulnerability that stems from a boundary condition in ImageIO. A remote attacker exploiting this vulnerability could create a specially crafted file, trick a victim into opening...