9 matches found
MiracleLinux 7 : postgresql-9.2.24-9.0.3.el7.AXS7 (AXSA:2025-9699:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9699:03 advisory. PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to...
OESA-2024-1977 postgresql security update
PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs, including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
AZL-35255 CVE-2023-40548 affecting package shim for versions less than 15.8-3
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This fl...
GitLab Security Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD (Continuous Integration and Continuous Delivery) and other features. A security vulnerability exists in GitLab Community Edition and GitLab Enterpri...
PT-2023-16737 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 9.0 through 15.7.7; GitLab versions 15.8 through 15.8.3; GitLab versions 15.9 through 15.9.1. Description: An issue in GitLab allows for a resource depletion attack due to improper filtering of the number of requests to read comm...
PT-2023-13747 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.3 through 15.7.8; GitLab CE/EE version 15.8 through 15.8.4; GitLab CE/EE version 15.9 through 15.9.2. Description: A cross-site scripting issue was found in the title field of work items, allowing attackers to perform...
CVE-2022-4138
A Cross Site Request Forgery issue has been discovered in GitLab CE/EE affecting all versions before 15.6.7, all versions starting from 15.7 before 15.7.6, and all versions starting from 15.8 before 15.8.1. An attacker could take over a project if an Owner or Maintainer uploads a file to a...
CVE-2022-33739
CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow a remote attacker to potentially view the contents of any file on the system...
Broadcom CA Clarity Security Vulnerability
Broadcom CA Clarity is an enterprise investment planning solution from Broadcom, Inc. for accelerating digital transformation. A security vulnerability exists in Broadcom CA Clarity version 15.8 and earlier and version 15.9.0, which stems from an issue when parsing XML. A remote attacker could...