Search CVE reports
91 – 100 of 47746 results
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose confidential issue titles due to...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user with group import permissions to create labels...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 1.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to cause repository downloads to...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user, when the `markdown_placeholders` feature flag...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose metadata from private issues,...
1 affected package
gitlab
| Package | 16.04 LTS |
|---|---|
| gitlab | Ignored |
Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x86_64 systems, the client may call memcmp on inputs that are concurrently...
2 affected packages
glibc, eglibc
| Package | 16.04 LTS |
|---|---|
| glibc | Not affected |
| eglibc | — |
Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the spin() function that allows a creation of more than 1 alert for each 'target' element. An attacker would need to set an arbitrary...
1 affected package
libjs-spin.js
| Package | 16.04 LTS |
|---|---|
| libjs-spin.js | Needs evaluation |
[Unknown description]
1 affected package
gst-plugins-bad1.0
| Package | 16.04 LTS |
|---|---|
| gst-plugins-bad1.0 | Needs evaluation |
Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible.
1 affected package
giflib
| Package | 16.04 LTS |
|---|---|
| giflib | Needs evaluation |
If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to...
1 affected package
pluxml
| Package | 16.04 LTS |
|---|---|
| pluxml | Needs evaluation |