Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise repository vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-19937
In JFrog Artifactory prior to 6.18, it is not possible to restrict either system or repository imports by any admin user in the enterprise, which can lead to "undesirable results."
Jfrog Artifactory
4
CVSSv2
CVE-2019-13011
An issue exists in GitLab Enterprise Edition 8.11.0 up to and including 12.0.2. By using brute-force a user with access to a project, but not it's repository could create a list of merge requests template names. It has excessive algorithmic complexity.
Gitlab Gitlab
4
CVSSv2
CVE-2019-13006
An issue exists in GitLab Community and Enterprise Edition 9.0 and up to and including 12.0.2. Users with access to issues, but not the repository were able to view the number of related merge requests on an issue. It has Incorrect Access Control.
Gitlab Gitlab
4
CVSSv2
CVE-2019-13005
An issue exists in GitLab Enterprise Edition and Community Edition 1.10 up to and including 12.0.2. The GitLab graphql service was vulnerable to multiple authorization issues that disclosed restricted user, group, and repository metadata to unauthorized users. It has Incorrect Ac...
Gitlab Gitlab
6.5
CVSSv2
CVE-2019-12430
An issue exists in GitLab Community and Enterprise Edition 11.11. A specially crafted payload would allow an authenticated malicious user to execute commands remotely through the repository download feature. It allows Command Injection.
Gitlab Gitlab 11.11.0
4
CVSSv2
CVE-2013-4582
The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 prior to 5.4.2, Community Edition prior to 6.2.4, Enterprise Edition prior to 6.2.1 and gitlab-shell prior to 1.7.8 allows remote authenticated users ...
Gitlab Gitlab
Gitlab Gitlab-shell
6.4
CVSSv2
CVE-2018-12476
Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUS...
Suse Obs-service-tar Scm
6.5
CVSSv2
CVE-2020-2608
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Repository). Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to com...
Oracle Enterprise Manager Base Platform 13.2.0.0
Oracle Enterprise Manager Base Platform 13.3.0.0
6.5
CVSSv2
CVE-2020-2616
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Manager Repository). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with n...
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Enterprise Manager Base Platform 13.2.0.0
Oracle Enterprise Manager Base Platform 13.3.0.0
6.8
CVSSv2
CVE-2019-13734
Out of bounds write in SQLite in Google Chrome before 79.0.3945.79 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 7.7
Redhat Openshift Container Platform 4.2
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »