20 matches found
CVE-2025-12576 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that under certain conditions could have allowed an authenticated user to cause a denial of service due to improper handling of webhook response data...
EUVD-2018-9199
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2022-3902
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions...
Hitachi Vantara Pentaho Business Analytics Server Security Vulnerability
Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Ltd. of Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.2, 9.3.x, and 8.3.x. The...
Security Bulletin: IBM MQ is vulnerable to a denial of service (CVE-2024-40680)
Summary: IBM MQ has addressed a denial of service vulnerability. Vulnerability Details: CVEID: CVE-2024-40680. DESCRIPTION: IBM MQ could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault. CVSS Base score: 6.2. CVSS Temporal Score: See:...
BIT-GITLAB-2021-22230
Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2...
CVE-2023-5061
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. In certain situations, it may have been possible for developers to override predefined CI variables via the...
CVE-2022-3486
An open redirect vulnerability in GitLab EE/CE affecting all versions from 9.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allows an attacker to redirect users to an arbitrary location if they trust the URL...
CVE-2022-3486
Removed by vendor...
UBUNTU-CVE-2022-3293
Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...
PT-2021-6607 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 9.3 through 13.11.6; GitLab CE/EE version 13.12.6; GitLab CE/EE version 14.0.2. Description: The issue is related to improper code rendering while rendering merge requests, which could be exploited to submit malicious code...
GitLab Cross-Site Scripting Vulnerability (CNVD-2020-19606)
GitLab is a self-hosted Git repository management application built with Ruby on Rails, from the American company GitLab. It can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in GitLab...
PT-2020-11916 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 9.3 through 12.8.1. Description: A cross-site scripting issue was found when viewing particular file types, allowing for potential exploitation. Recommendations: For versions 9.3 through 12.8.1, update to a version later than...
Eclipse Jetty Denial of Service Vulnerability
Eclipse Jetty is an open source, Java-based web server and Java Servlet container from the Eclipse Foundation. A denial of service vulnerability exists in Eclipse Jetty versions 9.3.x and 9.4.x, which can be exploited by an attacker to cause a denial of service...
CVE-2018-17446
A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4...
Eclipse Jetty Integer Overflow Vulnerability
Eclipse Jetty is an open source, Java-based web server and Java Servlet container from the Eclipse Foundation. An integer overflow vulnerability in the parsing of block lengths in Eclipse Jetty versions 9.2.x and earlier, 9.3.x, and 9.4.x stems from the program's failure to properly handle...
CVE-2018-1058
A flaw was found in the way PostgreSQL allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected...
Design/Logic Flaw
A flaw was found in the way PostgreSQL allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected...
CVE-2017-7485
Removed by vendor...
CVE-2017-2768
EMC Network Configuration Manager NCM 9.3.x, EMC Network Configuration Manager NCM 9.4.0.x, EMC Network Configuration Manager NCM 9.4.1.x, and EMC Network Configuration Manager NCM 9.4.2.x contain an Improper Authentication vulnerability that could potentially be exploited by malicious users to...