|
4361
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer…
|
CWE-79
Cross-site Scripting
|
CVE-2026-7481
|
2026-05-15 03:50 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4362
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with projec…
|
CWE-862
Missing Authorization
|
CVE-2026-8144
|
2026-05-15 03:50 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4363
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to cause den…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-8280
|
2026-05-15 03:50 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4364
|
7.5 |
HIGH
Network
|
pgbouncer
|
pgbouncer
|
A possible null pointer reference in PgBouncer before 1.25.2 could lead to a crash, if a server sends an error response without SQLSTATE field.
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-6666
|
2026-05-15 03:49 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4365
|
4.3 |
MEDIUM
Network
|
pgbouncer
|
pgbouncer
|
PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILL_CLIENT admin command. All users with access to the administration console (which itself requires authorization)…
|
CWE-862
Missing Authorization
|
CVE-2026-6667
|
2026-05-15 03:49 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4366
|
3.7 |
LOW
Network
|
apache
|
tomcat
|
Observable Timing Discrepancy vulnerability when comparing AJP secret in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M…
|
CWE-208
Information Exposure Through Timing Discrepancy
|
CVE-2026-43514
|
2026-05-15 03:46 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4367
|
7.2 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authent…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-44855
|
2026-05-15 03:42 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4368
|
7.2 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authent…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-44856
|
2026-05-15 03:42 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4369
|
7.2 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authent…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-44857
|
2026-05-15 03:42 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4370
|
7.2 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authent…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-44858
|
2026-05-15 03:41 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
