CVE-2019-11544

MEDIUM Year: 2019
CVSS v3 Score
4.3
Medium
CVSS v2 Score
4.0
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It allows Information Disclosure. Non-member users who subscribe to notifications of an internal project with issue and repository restrictions will receive emails about restricted events.

Related Vulnerabilities

CVE-2011-4820

MEDIUM
CVSS:4.3(Medium)

IBM Rational Asset Manager 7.5 could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability using the UID parameter to modify another user's preferences.

NVD-CWE-Other2011

CVE-2015-1971

MEDIUM
CVSS:4.3(Medium)

Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manag...

NVD-CWE-Other2015

CVE-2015-6479

MEDIUM
CVSS:4.3(Medium)

ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover poten...

NVD-CWE-Other2015

CVE-2016-0162

MEDIUM
CVSS:4.3(Medium)

Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."

NVD-CWE-Other2016

CVE-2016-11050

MEDIUM
CVSS:4.3(Medium)

An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is SVE-2016...

NVD-CWE-Other2016

CVE-2016-3422

MEDIUM
CVSS:4.3(Medium)

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.

NVD-CWE-Other2016