An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. Insufficient permission check allows attacker with developer role to perform various deletions.
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type hea...
A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for users with passwords stored as MD5 hashes that can be interpret...
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locat...
An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to ...
An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible type confusion exists in the user data import/export function of NTG 6 head units. To perform this attack, local ...