12 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-2004
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the...
PostgreSQL 安全漏洞
PostgreSQL is a set of free object-relational database management systems developed by the PostgreSQL organization. This system supports most SQL standards and offers many other features, such as foreign keys, triggers, views, etc. Security vulnerabilities existed in versions prior to PostgreSQL...
PT-2026-7843
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.2 PostgreSQL versions prior to 17.8 PostgreSQL versions prior to 16.12 PostgreSQL versions prior to 15.16 PostgreSQL versions prior to 14.21 Description A flaw exists in PostgreSQL due to improper validation of...
CVE-2025-61906
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 17.8 and 18.2, in some situations, Opencast's editor may publish a video without notifying the user. This may lead to users accidentally publishing media not meant for...
Opencast's Paella Player 7 is vulnerable to Cross-Site Scripting
Prior to Opencast 17.8 and 18.2 the paella would include and render some user inputs metadata like title, description, etc. unfiltered and unmodified. Impact The vulnerability allows attackers to inject and malicious HTML and JavaScript in the player, which would then be executed in the browsers ...
EUVD-2025-33323
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 17.8 and 18.2, in some situations, Opencast's editor may publish a video without notifying the user. This may lead to users accidentally publishing media not meant for...
CVE-2025-61788 Opencast Paella Player 7 vulnerable to Cross-Site-Scripting
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 17.8 and 18.2, the paella would include and render some user inputs metadata like title, description, etc. unfiltered and unmodified. The vulnerability allows attackers to...
CVE-2025-61788
Opencast Paella Player 7 is vulnerable to cross-site scripting prior to versions 17.8 and 18.2. The issue stems from unfiltered user-supplied metadata being rendered in the player, enabling injection of HTML/JavaScript that executes in viewers’ browsers. Exploitation requires write access to the ...
Linux Distros Unpatched Vulnerability : CVE-2024-11931
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1...
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 跨站脚本漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition EE and GitLab Community Edition CE A cross-site scripting...
PT-2025-6790 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.7 prior to 17.7.4 GitLab CE/EE versions 17.8 prior to 17.8.2 Description: The issue allows users with limited permissions to perform unauthorized actions on critical project data due to improper authorization...
GitLab 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, and CI/CD continuous integration and continuous delivery features. A security vulnerability exists in GitLab, which can be exploited by an attacker to...