14 matches found
PT-2026-24905
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in public projects under certain circumstances...
BIT-GITEA-2026-20883 Gitea Stopwatch API Missing Authorization Check Leads to Post-Revocation Information Disclosure
Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches...
Linux Distros Unpatched Vulnerability : CVE-2026-0907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 13 security fixes: 456547591 High CVE-2025-13630: Type Confusion in V8. Reported by Shreyas Penkar @streypaws on 2025-10-31 448113221 High CVE-2025-13631: Inappropriate implementation in Google Updater. Reported by Jota Domingos on 2025-09-29 43905824...
EUVD-2021-33335
Malicious code in bioql PyPI...
CVE-2023-1825
An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. It was possible to disclose issue notes to an unauthorized user at project export...
CVE-2020-8893
An issue was discovered in MISP before 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp...
PT-2025-2863 · Debian · Debian
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue involves path traversal in the view issue raw file function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
swear (>=0.0.0 <=0.0.4), tcomb-view (>=2.0.0 <=2.0.3) +1 more potentially affected by CVE-2020-28273 via set-in (=1.1.1)
set-in NPM version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on set-in and may be impacted: - swear =0.0.0, =2.0.0, =0.0.0, =1.0.0 Source cves: CVE-2020-28273 Source advisory: OSV:GHSA-QR4P-C9WR-PHR6...
MailOrderWorks 5.907 - Multiple Vulnerabilities
No description provided by source. Title: ====== MailOrderWorks v5.907 - Multiple Web Vulnerabilities Date: ===== 2013-01-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=798 VL-ID: ===== 796 Common Vulnerability Scoring System: ==================================== 4....
XSS on several select lists
Steps to reproduce: -Create a new issue type -Add "alert'Issue name' as Issue name mind the quote at the beginning -Add "alert'Issue desc' as Issue Description -Add /images/icons/issuetypes/genericissue.png "alert'Issue icon' as Issue Icon -Make sure that this issue type is available on your...
MailOrderWorks 5.907 - Multiple Vulnerabilities
MailOrderWorks 5.907 - Multiple Vulnerabilities Title: ====== MailOrderWorks v5.907 - Multiple Web Vulnerabilities Date: ===== 2013-01-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=798 VL-ID: ===== 796 Common Vulnerability Scoring System:...
Security update 1970-01-01
...
Security update 1970-01-01
...