10 matches found
BIT-GITLAB-2022-2230
A Stored Cross-Site Scripting vulnerability in the project settings page in GitLab CE/EE affecting all versions from 14.4 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows an attacker to execute arbitrary JavaScript code in GitLab on a victim's behalf...
CVE-2022-2230
A Stored Cross-Site Scripting vulnerability in the project settings page in GitLab CE/EE affecting all versions from 14.4 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows an attacker to execute arbitrary JavaScript code in GitLab on a victim's behalf...
PT-2022-15342 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 14.4 through 14.10.4; GitLab CE/EE versions 15.0 through 15.0.3; GitLab CE/EE versions 15.1 through 15.1.0. Description: A Stored Cross-Site Scripting issue in the project settings page allows an attacker to execute arbitra...
PT-2022-11092 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 14.3 through 14.3.6; GitLab CE/EE versions 14.4 through 14.4.4; GitLab CE/EE versions 14.5 through 14.5.2. Description: The issue is related to the improper neutralization of user input, allowing an attacker to exploit XSS ...
PT-2021-22778 · Gitlab · Gitlab Runner +1
Name of the Vulnerable Software and Affected Versions: GitLab Runner versions 13.7 through 14.3.6; GitLab Runner versions 14.4 through 14.4.4; GitLab Runner versions 14.5 through 14.5.2. Description: An uncontrolled resource consumption issue in GitLab Runner allows an attacker to trigger a job with...
PT-2021-22773 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.10 through 14.3.5; GitLab CE/EE versions 14.4 through 14.4.3; GitLab CE/EE versions 14.5 through 14.5.1. Description: The issue is related to improper access control, allowing any project member to retrieve the service...
PT-2021-22751 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.1 through 14.2.6; GitLab CE/EE versions 14.3 through 14.3.4; GitLab CE/EE versions 14.4 through 14.4.1. Description: The issue is related to an Improper Access Control vulnerability in the GraphQL API. This vulnerability...
PT-2021-4869 · Adobe · Audition
Name of the Vulnerable Software and Affected Versions: Adobe Audition versions 14.4 and earlier. Description: The issue is related to a memory corruption vulnerability that could potentially result in arbitrary code execution in the context of the current user, requiring user interaction to be...
CVE-2021-2323
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Flex-Branch. Supported versions that are affected are 12.3, 12.4, 14.0-14.4 and . Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to...
Apple tvOS Buffer Error Vulnerability
Apple tvOS is an operating system for Smart TVs from Apple Inc. in the United States. tvOS suffers from a buffer error vulnerability that stems from a boundary condition in ImageIO. A remote attacker exploiting this vulnerability could create a specially crafted file, trick a victim into opening...