GitLab Community Edition/Enterprise Edition 8.9 Permission access control

A vulnerability was found in GitLab Community Edition and Enterprise Edition 8.9 (Bug Tracking Software). It has been classified as critical. Affected is an unknown function of the component Permission Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-36980 : IVANTI AVALANCHE 6.3.2.3490 ENTERPRISESERVER SERVICE TOCTOU

CVE-2022-36980 : IVANTI AVALANCHE 6.3.2.3490 ENTERPRISESERVER SERVICE TOCTOU

Description This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required

CVE-2022-23122 : NETATALK PRIOR 3.1.13 SETFILPARAMS STACK-BASED OVERFLOW

CVE-2022-23122 : NETATALK PRIOR 3.1.13 SETFILPARAMS STACK-BASED OVERFLOW

Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to

CVE-2023-28102 : DISCORDRB ENCODER.RB FILE OS COMMAND INJECTION

CVE-2023-28102 : DISCORDRB ENCODER.RB FILE OS COMMAND INJECTION

Description discordrb is an implementation of the Discord API using Ruby. In discordrb before commit `91e13043ffa` the `encoder.rb` file unsafely