A business logic issue in the handling of large repositories in all versions of GitLab CE/EE from 10.0 before 15.1.6, all versions starting from 15.2…

Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the “nessusdâ€� process in cleartext via process dumping. The…

A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an…

This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation…

This vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this…

Remote code execution vulnerability due to insufficient user privilege verification in reverseWall-MDS. Remote attackers can exploit the vulnerability such as stealing account, through remote code…

Tableau discovered a path traversal vulnerability affecting Tableau Server Administration Agent’s internal file transfer service that could allow remote code execution.Tableau only supports product versions…

A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or…

A flaw was found in WordPress 5.1. “X-Forwarded-For” is a HTTP header used to carry the client’s original IP address. However, because these headers may…

A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker…