GitLab 10.8 through 12.9 has a vulnerability that allows someone to mirror a repository even if the feature is not activated. Date published : 2020-04-29 https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
GitLab 9.5.9 through 12.9 is vulnerable to stored XSS in an admin notification feature. Date published : 2020-04-29 https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API. Date published : 2020-04-29 https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an arbitrary file upload for an authenticated user. If an executable file is uploaded into the www-root directory, then it could yield...
An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an authenticated user to change the filename value (in the POST method) from the original filename to achieve directory traversal via a...
Beeline Smart Box 2.0.38 routers allow "Advanced settings > Other > Diagnostics" OS command injection via the Ping ping_ipaddr parameter, the Nslookup nslookup_ipaddr parameter, or the Traceroute traceroute_ipaddr parameter. Date published : 2020-04-29 https://medium.com/@Pavel.Step/security-analysis-of-the-smart-box-router-932f86dc8a9e...
An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload. Date published : 2020-04-29 https://community.opmantek.com/display/OA/Release+Notes+for+Open-AudIT+v3.3.0 https://www.coresecurity.com/advisories/open-audit-multiple-vulnerabilities
An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections. Date published : 2020-04-29 https://community.opmantek.com/display/OA/Release+Notes+for+Open-AudIT+v3.3.0 https://www.coresecurity.com/advisories/open-audit-multiple-vulnerabilities
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a...
Cerner medico 26.00 has a Local Buffer Overflow (issue 3 of 3). Date published : 2020-04-29 https://www.x41-dsec.de/lab/advisories/x41-2019-008-medico/
Cerner medico 26.00 has a Local Buffer Overflow (issue 2 of 3). Date published : 2020-04-29 https://www.x41-dsec.de/lab/advisories/x41-2019-008-medico/
Cerner medico 26.00 has a Local Buffer Overflow (issue 1 of 3). Date published : 2020-04-29 https://www.x41-dsec.de/lab/advisories/x41-2019-008-medico/
Cerner medico 26.00 allows variable reuse, possibly causing data corruption. Date published : 2020-04-29 https://www.x41-dsec.de/lab/advisories/x41-2019-008-medico/
ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links...