|
223401
|
5.3 |
MEDIUM
Network
|
squid-cache
canonical
debian
fedoraproject
|
squid
ubuntu_linux
debian_linux
fedora
|
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently.…
|
CWE-444
HTTP Request Smuggling
|
CVE-2019-18678
|
2024-11-21 13:33 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223402
|
6.1 |
MEDIUM
Network
|
squid-cache
canonical
fedoraproject
|
squid
ubuntu_linux
fedora
|
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to in…
|
CWE-352
Origin Validation Error
|
CVE-2019-18677
|
2024-11-21 13:33 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223403
|
7.5 |
HIGH
Network
|
squid-cache
canonical
fedoraproject
debian
|
squid
ubuntu_linux
fedora
debian_linux
|
An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy.…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-18676
|
2024-11-21 13:33 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223404
|
10.0 |
CRITICAL
Network
|
dell
|
emc_storage_monitoring_and_reporting
|
Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerabili…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-18580
|
2024-11-21 13:33 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223405
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition 8.17 through 12.4 in the Search feature provided by Elasticsearch integration.. It has Insecure Permissions (issue 1 of 4).
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-18456
|
2024-11-21 13:33 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223406
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition 11 through 12.4 when building Nested GraphQL queries. It has a large or infinite loop.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-18455
|
2024-11-21 13:33 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223407
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition 10.5 through 12.4 in link validation for RDoc wiki pages feature. It has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-18454
|
2024-11-21 13:33 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223408
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition 11.6 through 12.4 in the add comments via email feature. It has Insecure Permissions.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-18453
|
2024-11-21 13:33 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223409
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.4 when moving an issue to a public project from a private one. It has Insecure Permissions.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-18452
|
2024-11-21 13:33 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223410
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition 10.7.4 through 12.4 in the InternalRedirect filtering feature. It has an Open Redirect.
|
CWE-601
Open Redirect
|
CVE-2019-18451
|
2024-11-21 13:33 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
