16 matches found
OpenText Web Site Management Server Cross-Site Scripting Vulnerability
OpenText Web Site Management Server is an enterprise content management system provided by OpenText Corporation in Canada. Versions 16.7.X, 16.8, and 16.8.1 of OpenText Web Site Management Server have cross-site scripting vulnerabilities. These vulnerabilities stem from improper handling of input...
GitLab 16.8 < 18.5.0 (CVE-2026-1751)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain...
CVE-2026-1751 Missing Authorization in GitLab
A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions...
CVE-2025-3701
Missing Authorization vulnerability in Malcure Web Security Malcure Malware Scanner wp-malware-removal allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Malcure Malware Scanner: from n/a through = 16.8...
Linux Distros Unpatched Vulnerability : CVE-2023-6386
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8...
BIT-GITLAB-2024-8635 Server-Side Request Forgery (SSRF) in GitLab
A server-side request forgery issue has been discovered in GitLab EE affecting all versions starting from 16.8 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It was possible for an attacker to make requests to internal resources using a custom Maven Dependency Proxy UR...
CVE-2024-8635
Removed by vendor...
CVE-2024-1299 Privilege Chaining in GitLab
A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16.8.4 and 16.9 prior to 16.9.2. It was possible for a user with custom role of manage_group_access_tokens to rotate group access tokens with owner privileges...
CVE-2024-1299 Privilege Chaining in GitLab
A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16.8.4 and 16.9 prior to 16.9.2. It was possible for a user with custom role of manage_group_access_tokens to rotate group access tokens with owner privileges...
UBUNTU-CVE-2024-0861
An issue has been discovered in GitLab EE affecting all versions starting from 16.4 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Users with the Guest role can change Custom dashboard projects settings contrary to permissions...
CVE-2024-0410
Removed by vendor...
PT-2024-7878 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab Enterprise Edition versions 16.8 through 17.1.7 GitLab Enterprise Edition versions 17.2 through 17.2.5 GitLab Enterprise Edition versions 17.3 through 17.3.2 Description: The issue is related to insufficient server-side request...
PT-2024-5021 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 16.8 through 16.8.2 Description: The issue is related to insecure privilege management in GitLab EE. When a user is assigned a custom role with the manage group access tokens permission, they may be able to create group...
PT-2024-14946 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.11 through 16.6.6 GitLab CE/EE versions 16.7 through 16.7.4 GitLab CE/EE versions 16.8 through 16.8.1 Description: A denial of service issue was identified in GitLab CE/EE, which allows an attacker to increase the...
GitLab Security Breach
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD (Continuous Integration and Continuous Delivery) and other features. A security vulnerability exists in GitLab CE/EE version 12.7 up to and includin...
Microsoft .NET Core Security Vulnerability
Microsoft .NET Core is a free, open source development platform from Microsoft in the USA. The platform is cross-platform and supports multiple languages. A security vulnerability exists in Microsoft .NET Core and Microsoft Visual Studio. The following products and versions are...