| Page(s) : 1 ... 30 31 32 33 34 35 36 37 38 39 [40] 41 42 43 44 45 46 47 48 49 50 ... | Result(s) : 175836 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 4.7 | 2020-09-15 | CVE-2020-13307 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not revoking current user sessions when 2 factor authentication was activated all... |
| 6.5 | 2020-09-15 | CVE-2020-13303 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Due to improper verification of permissions, an unauthorized user can access a private repos... |
| 7.5 | 2020-09-14 | CVE-2020-15590 | cve | A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensi... |
| 4.9 | 2020-09-14 | CVE-2020-13317 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4. An insufficient check in the GraphQL api allowed a maintainer to delete a repository. |
| 7.5 | 2020-09-14 | CVE-2020-13315 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The profile activity page was not restricting the amount of results one could request, poten... |
| 5.3 | 2020-09-14 | CVE-2020-13314 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab Omniauth endpoint allowed a malicious user to submit content to be displayed back to ... |
| 4.3 | 2020-09-14 | CVE-2020-13313 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. An unauthorized project maintainer could edit the subgroup badges due to the lack of authori... |
| 9.8 | 2020-09-14 | CVE-2020-13312 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab OAuth endpoint was vulnerable to brute-force attacks through a specific parameter. |
| 4.3 | 2020-09-14 | CVE-2020-13311 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Wiki was vulnerable to a parser attack that prohibits anyone from accessing the Wiki functio... |
| 6.5 | 2020-09-14 | CVE-2020-13310 | cve | A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1. It was possible to make the gitlab-runner process crash by sending malformed queries, ... |
| 8.8 | 2020-09-14 | CVE-2020-13309 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature. |
| 7.5 | 2020-09-14 | CVE-2020-13306 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab Webhook feature could be abused to perform denial of service attacks due to the lack ... |
| 4.3 | 2020-09-14 | CVE-2020-13305 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not invalidating project invitation link upon removing a user from a project. |
| 7.2 | 2020-09-14 | CVE-2020-13304 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Same 2 factor Authentication secret code was generated which resulted an attacker to maintai... |
| 7.2 | 2020-09-14 | CVE-2020-13302 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Under certain conditions GitLab was not properly revoking user sessions and allowed a malici... |
| 4.8 | 2020-09-14 | CVE-2020-13301 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a stored XSS on the standalone vulnerability page. |
| 5.8 | 2020-09-14 | CVE-2020-13298 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, whic... |
| 5.4 | 2020-09-14 | CVE-2020-13297 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could bypass that rest... |
| 7.5 | 2020-09-14 | CVE-2020-11881 | cve | An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-... |
| 8.8 | 2020-09-14 | CVE-2020-10229 | cve | A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts. |
| Page(s) : 1 ... 30 31 32 33 34 35 36 37 38 39 [40] 41 42 43 44 45 46 47 48 49 50 ... | Result(s) : 175836 |
