Lucene search
K
Bdu FstecRecent

90509 matches found

BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the pg_restore_attribute_stats() function in the PostgreSQL database management system allows a hacker to disclose protected information.

The vulnerability of the pgrestoreattributestats function in the PostgreSQL database management system is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that is protected by this function...

4.3CVSS5.8AI score0.00208EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the implementation of the ALTER SUBSCRIPTION...REFRESH PUBLICATION command in the PostgreSQL database management system allows a attacker to execute arbitrary SQL queries.

The vulnerability of the ALTER SUBSCRIPTION...REFRESH PUBLICATION command in PostgreSQL database management systems lies in the lack of protective measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

3.7CVSS6AI score0.0018EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerabilities of the negotiation mechanisms for SSL and GSS in the PostgreSQL database management system allow attackers to induce service failures.

The vulnerability of the negotiation mechanisms for SSL and GSS in the PostgreSQL database management system is related to an uncontrolled recursion. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service interruptions...

7.8CVSS6AI score0.00471EPSS
Exploits0References13Affected Software8
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the refint module in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the refint module in the PostgreSQL database management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS6.1AI score0.00378EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the timeofday() function in the PostgreSQL database management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the timeofday function in the PostgreSQL database management system is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.8AI score0.00208EPSS
Exploits0References13Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the pg_basebackup and pg_rewind utilities in the PostgreSQL database management system allows a hacker to re-write any files they choose.

The vulnerability of the pgbasebackup and pgrewind utilities in the PostgreSQL database management system is related to deficiencies in the mechanism for handling symbolic references. Exploiting this vulnerability allows a malicious actor to rewrite any files remotely...

10CVSS5.7AI score0.00324EPSS
Exploits0References12Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the PAN-OS operating system, related to the incorrect checking for unusual or exceptional conditions, allows a perpetrator to trigger a service failure.

The vulnerability of the PAN-OS operating system is related to improper checking for unusual or exceptional conditions. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.8CVSS5.8AI score0.00338EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the Google Chrome browser’s Media component, which allows a hacker to execute arbitrary code.

The vulnerability of the Google Chrome browser’s Media component is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00309EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of Google Chrome’s graphics processor allows a hacker to bypass the sandboxing protection mechanisms.

The vulnerability of the Google Chrome browser’s graphics processor is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to bypass the sandboxing protection mechanisms...

10CVSS5.8AI score0.00286EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the setother_config() function in the RBAC access control subsystem of the XCP-ng supervisor and the XenServer server virtualization platform allows a malicious individual to gain unauthorized access to the file system.

The vulnerability of the setotherconfig function in the RBAC access control subsystem of the XCP-ng supervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain...

9.9CVSS5.8AI score
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge browsers allows attackers to bypass the sandboxing protection mechanisms.

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to bypass the sandboxing protection mechanisms...

8.3CVSS5.8AI score0.00237EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the CORS (Cross-Origin Resource Sharing) mechanism in browsers like Google Chrome and Microsoft Edge allows attackers to bypass existing security measures.

The vulnerability of the CORS Cross-Origin Resource Sharing mechanism in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass existing security measures through a specially created HTML page...

3.1CVSS5.8AI score0.00216EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge browsers allows attackers to bypass existing security mechanisms.

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge is related to a breach of data protection mechanisms. Exploiting this vulnerability allows an attacker to bypass existing security measures through a specially created HTML page...

3.1CVSS5.8AI score0.00195EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the Direct Sockets API interface in Google Chrome and Microsoft Edge browsers allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Direct Sockets API interface in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...

6.4CVSS5.7AI score0.00171EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the ServiceWorker component in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability of the ServiceWorker component in Google Chrome and Microsoft Edge is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

6.4CVSS6.1AI score0.00142EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the ANGLE library in Google Chrome browsers allows a hacker to execute arbitrary code or trigger a denial-of-service attack.

The vulnerability of the ANGLE library in Google Chrome browser is related to external control over a web parameter that is assumed to be immutable. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure by using a specially created HTML page...

5CVSS6.1AI score0.00207EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.5 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00344EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the rxgk_verify_response() function in the rxrpc component of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the rxgkverifyresponse function in the rxrpc component of the Linux operating system is related to improper handling of discrepancies in parameter length. Exploiting this vulnerability can allow attackers to cause service failures...

7.8CVSS6.1AI score0.00817EPSS
Exploits4References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager centralized system management platform allows a perpetrator to increase their privileges.

The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager centralized system management console is related to the recording of confidential session information in audit logs. Exploiting this vulnerability could allow an attacker to enhance their read-only privileges...

5.5CVSS5.8AI score0.00194EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the PostgreSQL database management system, related to integer overflows, allows attackers to cause service interruptions.

The vulnerability of the PostgreSQL database management system is related to integer overflow. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

9CVSS5.8AI score0.00668EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager centralized system management platform allows a perpetrator to disclose protected information.

The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager centralized system management system is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

5.5CVSS5.7AI score0.00194EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the ServiceWorker component in Google Chrome and Microsoft Edge browsers allows a hacker to bypass the sandboxing protection mechanism.

The vulnerability of the ServiceWorker component in Google Chrome and Microsoft Edge is related to a violation of data protection mechanisms. Exploiting this vulnerability could allow an attacker to bypass the sandboxing protection mechanisms...

8.3CVSS5.8AI score0.00222EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge browsers allows attackers to bypass the sandboxing protection mechanisms.

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to bypass the sandboxing protection mechanisms...

8.3CVSS5.8AI score0.00222EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of WebRTC technology in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.

The vulnerability of WebRTC technology in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created HTML page...

10CVSS6.2AI score0.00399EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the Speech component in Google Chrome and Microsoft Edge browsers allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Speech component in Google Chrome and Microsoft Edge is related to synchronization errors when using a common resource “Race Situation”. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created HT...

5.4CVSS5.8AI score0.00176EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.5 views

The vulnerability of the Views component in Google Chrome’s browser for MacOS operating systems allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Views component in Google Chrome’s browser for MacOS operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure...

10CVSS6.1AI score0.00286EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.5 views

The vulnerability of Google Chrome’s WebRTC technology allows attackers to execute arbitrary code.

The vulnerability of Google Chrome’s WebRTC technology is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00433EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of Google Chrome’s WebRTC technology allows attackers to execute arbitrary code or trigger a service failure.

The vulnerability of Google Chrome’s WebRTC technology is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

10CVSS6.5AI score0.00262EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the Extensions component of Google Chrome and Microsoft Edge browsers allows attackers to bypass existing security mechanisms.

The vulnerability of the Extensions component in Google Chrome and Microsoft Edge relates to a flaw in data protection mechanisms. Exploiting this vulnerability allows an attacker to bypass existing security measures through a specially created HTML page...

4.2CVSS5.8AI score0.00172EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the graphical subsystem of Google Chrome and Microsoft Edge browsers allows a hacker to gain unauthorized access to protected information.

The vulnerability of the graphical subsystem of Google Chrome and Microsoft Edge relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

6.4CVSS5.9AI score0.00171EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

Vulnerability of function system_domains.ml:30-35() in the RBAC access role management subsystem of the XCP-ng hypervisor and XenServer server virtualization platform, which allows a perpetrator to increase their privileges

The vulnerability of function systemdomains.ml:30-35 in the RBAC access control subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to elevate their privileges...

9.9CVSS5.8AI score
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.6 views

The vulnerability of the map_keys_roles() function in the RBAC role management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform allows a perpetrator to bypass existing security mechanisms.

The vulnerability of the mapkeysroles function in the RBAC role management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms...

8.5CVSS5.7AI score
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the storage_driver_domain driver in the Role-Based Access Control (RBAC) subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform allows a perpetrator to increase their privileges.

The vulnerability of the storagedriverdomain driver in the Role-Based Access Control RBAC subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to elevate their...

9.9CVSS5.8AI score
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the hvm_serial component in the Role-Based Access Control (RBAC) access management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform allows a perpetrator to gain write access to arbitrary files.

The vulnerability of the hvmserial component in the Role-Based Access Control RBAC access management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor,...

8.5CVSS5.9AI score
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.5 views

The vulnerability of the WebdriverIO framework, related to the lack of measures to neutralize special elements, allows a hacker to execute arbitrary code.

The vulnerability of the WebdriverIO framework is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.02799EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the PostgreSQL database management system, related to the disclosure of information based on temporal discrepancies, allows a perpetrator to disclose protected information.

The vulnerability of the PostgreSQL database management system is related to the disclosure of information based on temporal discrepancies. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

6.5CVSS5.7AI score0.00558EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.4 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the distribution of resources without any restrictions or regulations, allows a violator to trigger a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...

7.8CVSS5.8AI score0.00339EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.4 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the ability to bypass authentication by using a user-controlled key. This allows attackers to compromise the integrity of the protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to bypassing authentication by using a key controlled by the user. Exploiting this vulnerability allows an attacker to remotely compromise the integrity of the protected information...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.4 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the falsification of inter-site requests, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the manipulation of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

7.8CVSS5.8AI score0.00153EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.3 views

The vulnerability of the Craft CMS content management system, related to the lack of authentication, allows a hacker to disclose protected information.

The vulnerability of the Craft CMS content management system is related to the lack of authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

6.8CVSS5.7AI score0.00338EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.5 views

The vulnerability of the Connection.bind() function in the Open WebUI (formerly Ollama WebUI) web interface allows a hacker to bypass existing security mechanisms.

The vulnerability of the Connection.bind function in the Open WebUI formerly Ollama WebUI AI-based web interface is related to deficiencies in the authentication process when processing the password parameter: str. Exploiting this vulnerability allows a malicious actor to bypass existing security...

9.4CVSS5.7AI score0.01461EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.3 views

Vulnerability of the real-time messaging system of the Grafana Live platform for monitoring and observation. This platform allows a violator to trigger a service failure.

The vulnerability of the Grafana Live messaging system, a platform for monitoring and surveillance, involves unlimited resource allocation when processing requests to the final destination. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

6.8CVSS5.8AI score0.00328EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.3 views

Vulnerability of the real-time messaging system of the Grafana Live platform for monitoring and observation. This platform allows a violator to trigger a service failure.

The vulnerability of the Grafana Live messaging system in real-time mode, a platform for monitoring and surveillance, is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially crafted...

6.8CVSS5.8AI score0.00262EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.4 views

The vulnerability of the Snapshot API interface of the Grafana monitoring and observation platform allows a perpetrator to gain access to read and delete data.

The vulnerability of the Snapshot API interface of the Grafana monitoring and observation platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain access to read and delete data...

6.8CVSS5.8AI score0.00227EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.3 views

The vulnerability of the Site Isolation function in Google Chrome and Microsoft Edge browsers allows attackers to bypass existing security mechanisms.

The vulnerability of the Site Isolation function in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms through a specially created HTML page...

3.1CVSS5.8AI score0.00216EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.4 views

The vulnerability of the “Network” control element in Google Chrome and Microsoft Edge browsers allows a hacker to bypass existing security mechanisms.

The vulnerability of the “Network” control element in Google Chrome and Microsoft Edge relates to external control over a web parameter that is assumed to be immutable. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms through a specially created HTML...

5CVSS5.7AI score0.00225EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.2 views

The vulnerability of the Skia graphic library used by Google Chrome and Microsoft Edge allows attackers to gain unauthorized access to protected information.

The vulnerability of the Skia graphic library used by Google Chrome and Microsoft Edge involves reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

3.1CVSS5.9AI score0.00179EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.3 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to improper code generation management, allows a hacker to execute arbitrary code.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

5.5CVSS6.1AI score0.00176EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.3 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from the ability to bypass authentication by using a user-controlled key. This allows unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to bypassing authentication by using a key controlled by the user. Exploiting this vulnerability can allow an intruder, operating remotely, to gain unauthorized access to protected informatio...

4.3CVSS5.8AI score0.00193EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/19 12:0 a.m.4 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to deficiencies in the deserialization mechanism, allows a hacker to trigger a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

7.8CVSS5.9AI score0.00331EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities90509