CVE-2024-8974

MEDIUM Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-684
View all →

Vulnerability Description

Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauthorised user the path of a private project."

Related Vulnerabilities

CVE-2024-5005

MEDIUM
CVSS:4.3(Medium)

An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 11.4 before 17.2.9, all versions starting from 17.3 before 17.3.5, all versions starting from 17.4 before 1...

CWE-6842024

CVE-2020-11054

LOW
CVSS:3.5(Low)

In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (colo...

CWE-6842020

CVE-2023-5158

MEDIUM
CVSS:5.5(Medium)

A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length...

CWE-6842023

CVE-2022-23728

MEDIUM
CVSS:6.1(Medium)

Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011.

CWE-6842022

CVE-2023-24845

CRITICAL
CVSS:9.8(Critical)

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCO...

CWE-6842023

CVE-2024-50357

CRITICAL
CVSS:9.8(Critical)

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial (factory default) configuration. But, REST-APIs are unexpectedly enab...

CWE-6842024