| 41 | 5.4 | MEDIUM | Network | calenfretts | lastunes | The lasTunes WordPress plugin through 3.6.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XS… | CWE-352 Origin Validation Error | CVE-2023-6499 | 2024-10-9 05:06 | 2024-02-13 |
| 42 | 9.8 | CRITICAL | Network | miniorange | web3_-_crypto_wallet_login_\&_nft_token_gating | The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handle_auth_request' and 'hadle_login_request… | CWE-863 Incorrect Authorization | CVE-2023-6036 | 2024-10-9 05:00 | 2024-02-13 |
| 43 | 6.5 | MEDIUM | Network | gitlab | gitlab | An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using… | CWE-770 Allocation of Resources Without Limits or Throttling | CVE-2024-1066 | 2024-10-9 04:52 | 2024-02-8 |
| 44 | 2.7 | LOW | Network | gitlab | gitlab | An information disclosure issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. A maintainer coul… | NVD-CWE-Other | CVE-2024-4278 | 2024-10-9 04:51 | 2024-09-26 |
| 45 | 4.3 | MEDIUM | Network | gitlab | gitlab | An issue has been discovered in GitLab EE/CE affecting all versions starting before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1 which allows a… | CWE-770 Allocation of Resources Without Limits or Throttling | CVE-2023-3246 | 2024-10-9 04:44 | 2023-11-6 |
| 46 | 7.5 | HIGH | Network | gitlab | gitlab | An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which t… | CWE-770 Allocation of Resources Without Limits or Throttling | CVE-2023-4647 | 2024-10-9 04:44 | 2023-09-1 |
| 47 | 4.9 | MEDIUM | Network | gitlab | gitlab | An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. … | NVD-CWE-Other | CVE-2023-2485 | 2024-10-9 04:41 | 2023-06-8 |
| 48 | 5.3 | MEDIUM | Network | gitlab | gitlab | An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which an attacker could potentially modify the metadat… | CWE-347 Improper Verification of Cryptographic Signature | CVE-2023-2030 | 2024-10-9 04:40 | 2024-01-12 |
| 49 | 4.3 | MEDIUM | Network | gitlab | gitlab | An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. It … | NVD-CWE-Other | CVE-2023-1825 | 2024-10-9 04:39 | 2023-06-8 |
| 50 | 4.3 | MEDIUM | Network | gitlab | gitlab | An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization. | NVD-CWE-Other | CVE-2023-1401 | 2024-10-9 04:38 | 2023-07-26 |