Search CVE reports
181 – 190 of 47849 results
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to make unintended internal requests through...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 to before 11.0.5, an authenticated technician user can upload a...
1 affected package
glpi
| Package | 16.04 LTS |
|---|---|
| glpi | Needs evaluation |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose confidential issue titles due to...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user with group import permissions to create labels...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 1.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to cause repository downloads to...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user, when the `markdown_placeholders` feature flag...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose metadata from private issues,...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x86_64 systems, the client may call memcmp on inputs that are concurrently...
2 affected packages
glibc, eglibc
| Package | 16.04 LTS |
|---|---|
| glibc | Not affected |
| eglibc | — |
Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the spin() function that allows a creation of more than 1 alert for each 'target' element. An attacker would need to set an arbitrary...
1 affected package
libjs-spin.js
| Package | 16.04 LTS |
|---|---|
| libjs-spin.js | Needs evaluation |
[Unknown description]
1 affected package
gst-plugins-bad1.0
| Package | 16.04 LTS |
|---|---|
| gst-plugins-bad1.0 | Needs evaluation |