|
246231
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-14613
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246232
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group m…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-14612
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246233
|
5.5 |
MEDIUM
Local
|
linux
debian
|
linux_kernel
debian_linux
|
An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in bt…
|
CWE-416
Use After Free
|
CVE-2018-14611
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246234
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verificatio…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2018-14610
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246235
|
5.5 |
MEDIUM
Local
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to rem…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-14609
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246236
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur via a Milestone name during a promotion.
|
CWE-79
Cross-site Scripting
|
CVE-2018-14606
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246237
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the branch name during a Web IDE file commit.
|
CWE-79
Cross-site Scripting
|
CVE-2018-14605
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246238
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the tooltip of the job inside the CI/CD pipeline.
|
CWE-79
Cross-site Scripting
|
CVE-2018-14604
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246239
|
8.8 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component.
|
CWE-352
Origin Validation Error
|
CVE-2018-14603
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246240
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. Information Disclosure can occur because the Prometheus metrics featu…
|
CWE-200
Information Exposure
|
CVE-2018-14602
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
