CVE-2019-19259
GitLab Enterprise Edition (EE) 11.3 and later through 12.5 allows an Insecure Direct Object Reference (IDOR).
Source: CVE-2019-19259
[월:] 2020년 01월
CVE-2012-4451
CVE-2012-4451
Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) FeedPubSubHubbub, (3) LogFormatterXml, (4) TagCloudDecorator, (5) Uri, (6) ViewHelperHeadStyle, (7) ViewHelperNavigationSitemap, or (8) ViewHelperPlaceholderContainerAbstractStandalone, related to Escaper.
Source: CVE-2012-4451
CVE-2019-19311
CVE-2019-19311
GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group and profile fields.
Source: CVE-2019-19311
CVE-2019-19087
CVE-2019-19087
Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 2 of 2).
Source: CVE-2019-19087
CVE-2019-19254
CVE-2019-19254
GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and later through 12.5 has Incorrect Access Control.
Source: CVE-2019-19254
CVE-2019-19088
CVE-2019-19088
Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal.
Source: CVE-2019-19088
CVE-2019-19086
CVE-2019-19086
Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2).
Source: CVE-2019-19086
CVE-2020-1871
CVE-2020-1871
USG9500 with software of V500R001C30SPC100; V500R001C30SPC200; V500R001C30SPC600; V500R001C60SPC500; V500R005C00SPC100; V500R005C00SPC200 have an improper credentials management vulnerability. The software does not properly manage certain credentials. Successful exploit could cause information disclosure or damage, and impact the confidentiality or integrity.
Source: CVE-2020-1871
CVE-2020-1785
CVE-2020-1785
Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial of service vulnerability. The system does not properly check the status of certain module during certain operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone.
Source: CVE-2020-1785
CVE-2019-19441
CVE-2019-19441
HUAWEI P30 smart phones with versions earlier than 10.0.0.166(C00E66R1P11) have an information leak vulnerability. An attacker could send specific command in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause information leak.
Source: CVE-2019-19441