|
1291
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with develo…
|
CWE-1280
Access Control Check Implemented After Asset is Accessed
|
CVE-2026-3607
|
2026-05-16 04:57 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1292
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to access…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-4524
|
2026-05-16 04:57 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1293
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to creat…
|
CWE-352
Origin Validation Error
|
CVE-2026-4527
|
2026-05-16 04:56 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1294
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.3 that under certain conditions could have allowed an authenticated user to execute arbitrary code in ano…
|
CWE-79
Cross-site Scripting
|
CVE-2026-6335
|
2026-05-16 04:54 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1295
|
8.3 |
HIGH
Network
|
openimageio
|
openimageio
|
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGB…
|
CWE-190
CWE-787
Integer Overflow or Wraparound
Out-of-bounds Write
|
CVE-2026-43907
|
2026-05-16 04:43 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1296
|
7.8 |
HIGH
Local
|
openimageio
|
openimageio
|
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-43905
|
2026-05-16 04:43 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1297
|
7.8 |
HIGH
Local
|
openimageio
|
openimageio
|
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIO_DASSERT…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-43903
|
2026-05-16 04:42 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1298
|
7.8 |
HIGH
Local
|
openimageio
|
openimageio
|
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a heap-based buffer overflow in the H…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-43906
|
2026-05-16 04:42 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1299
|
4.9 |
MEDIUM
Network
|
argoproj
|
argo_workflows
|
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to before version 4.0.5, the workflow executor logs all artifact re…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2026-42295
|
2026-05-16 04:40 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1300
|
8.1 |
HIGH
Network
|
argoproj
|
argo_workflows
|
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.7.14 and 4.0.5, a user with create Workflow permission can bypass …
|
CWE-863
Incorrect Authorization
|
CVE-2026-42296
|
2026-05-16 04:39 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
