An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-ce/issues/54914
An issue was discovered in GitLab Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-ce/issues/54008
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-ce/issues/54377
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-foss/issues/41500
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure. Date published : 2019-12-30 https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/ https://gitlab.com/gitlab-org/gitlab-ce/issues/53477
IBM Watson Studio Local 1.2.3 could disclose sensitive information over the network that an attacked could use in further attacks against the system. IBM X-Force ID: 145238. Date published : 2019-12-30 https://www.ibm.com/support/pages/node/1146388 https://exchange.xforce.ibmcloud.com/vulnerabilities/145238
A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n,...
A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1. Date published : 2019-12-30 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0011
IBM MQ 9.1.0.0, 9.1.0.1, 9.1.0.2, 9.1.0.3, 9.1.1, 9.1.2, and 9.1.3 is vulnerable to a denial of service attack that would allow an authenticated user to reset client connections due to an error within the...
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...
IBM Cognos Analytics 11.0 and 11.1 allows overly permissive cross-origin resource sharing which could allow an attacker to transfer private information. An attacker could exploit this vulnerability to access content that should be restricted....
IBM Watson Studio Local 1.2.3 stores key files in the user’s home directory which could be obtained by another local user. IBM X-Force ID: 161413. Date published : 2019-12-30 https://www.ibm.com/support/pages/node/1146370 https://exchange.xforce.ibmcloud.com/vulnerabilities/161413
** DISPUTED ** An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits...
Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the...