CVE-2024-9164

HIGH Year: 2024
CVSS v3 Score
8.8
High
Weakness Type
CWE-306
View all →

Vulnerability Description

An issue was discovered in GitLab EE affecting all versions starting from 12.5 prior to 17.2.9, starting from 17.3, prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows running pipelines on arbitrary branches.

Related Vulnerabilities

CVE-2016-6541

HIGH
CVSS:8.8(High)

TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Androi...

CWE-3062016

CVE-2016-7830

HIGH
CVSS:8.8(High)

Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on...

CWE-3062016

CVE-2017-10854

HIGH
CVSS:8.8(High)

Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and change the login password via unspecified vectors.

CWE-3062017

CVE-2018-0521

HIGH
CVSS:8.8(High)

Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.

CWE-3062018

CVE-2018-0554

HIGH
CVSS:8.8(High)

Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.

CWE-3062018

CVE-2018-11476

HIGH
CVSS:8.8(High)

An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the ...

CWE-3062018