CVE-2023-1178

MEDIUM Year: 2023
CVSS v3 Score
5.7
Medium
Weakness Type
CWE-94
View all →

Vulnerability Description

An issue has been discovered in GitLab CE/EE affecting all versions from 8.6 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. File integrity may be compromised when source code or installation packages are pulled from a tag or from a release containing a ref to another commit.

Related Vulnerabilities

CVE-2021-33693

MEDIUM
CVSS:5.7(Medium)

SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject malicious codes that could potentially lead to OS command execution.

CWE-942021

CVE-2023-5512

MEDIUM
CVSS:5.7(Medium)

An issue has been discovered in GitLab CE/EE affecting all versions from 16.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. File integrit...

CWE-942023

CVE-2024-27766

MEDIUM
CVSS:5.7(Medium)

An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is cr...

CWE-942024

CVE-2024-36531

MEDIUM
CVSS:5.7(Medium)

nukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before are vulnerable to arbitrary code execution via the /admin/extensions/upload.php component.

CWE-942024

CVE-2024-44744

MEDIUM
CVSS:5.7(Medium)

An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via placing crafted binaries into unspecified directories. NOTE: Malwarebytes argues that this issue req...

CWE-942024

CVE-2017-1721

MEDIUM
CVSS:5.6(Medium)

IBM Security QRadar SIEM 7.2 and 7.3 could allow an unauthenticated user to execute code remotely with lower level privileges under unusual circumstances. IBM X-Force ID: 134810.

CWE-942017