CVE-2026-1402

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to cause denial of service due to insufficient validation...

CVE-2026-1402

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to cause denial of service due to insufficient validation...

EUVD-2026-30930

Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior e.g. using a debugger and log in as any other user or administrator - then it is possible to do every...

CVE-2025-13335

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service condition by configuring malformed Wiki documents that...

UBUNTU-CVE-2025-13335

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that under certain circumstances could have allowed an authenticated user to create a denial of service condition by configuring malformed Wiki documents that...

CVE-2025-11702

Removed by vendor...

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab version 17.1 up to and including...

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab that stems from allowing bypassing...

GitLab CE/EE Security Vulnerabilities

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab CE/EE version 17.0 up to and includi...

PT-2024-7224 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 17.1 through 17.2.9 GitLab versions 17.3 through 17.3.5 GitLab versions 17.4 through 17.4.2 Description: A cross-site scripting issue has been discovered in GitLab. The issue is related to the lack of protection of the web pag...

UBUNTU-CVE-2024-2191

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows merge request title to be visible publicly despite being set as project members only...

GitLab Resource Management Error Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A resource management error vulnerability exists in GitLab CE/EE, which stems...

CVE-2023-42839

This issue was addressed with improved state management. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data...

PT-2024-6686 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.3 through 16.11.4 GitLab CE/EE versions 17.0 through 17.0.2 GitLab CE/EE versions 17.1 through 17.1.0 Description: A Cross Window Forgery issue exists within GitLab CE/EE due to an incorrect restriction of visualizabl...

Cross site scripting

Adobe InDesign versions 17.1 and earlier and 16.4.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2022-28831 Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Adobe InDesign versions 17.1 and earlier and 16.4.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2022-2621 · Adobe · Incopy

Name of the Vulnerable Software and Affected Versions: Adobe InCopy versions 17.1 and earlier Adobe InCopy versions 16.4.1 and earlier Description: The issue is related to a use-after-free vulnerability in Adobe InCopy, which can be exploited to execute arbitrary code in the context of the curren...

CVE-2020-9661

Adobe After Effects versions 17.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2019-2976

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering component: Web Access. Supported versions that are affected are 17.1.0-17.12.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2018-2849

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 16.2 and 17.1 - 17.12. Easily exploitable vulnerability allows low privileged attacker with network...