CVE-2024-11129

MEDIUM Year: 2024
CVSS v3 Score
6.3
Medium
Weakness Type
CWE-209
View all →

Vulnerability Description

An issue has been discovered in GitLab EE affecting all versions from 17.1 before 17.8.7, 17.9 before 17.9.6, and 17.10 before 17.10.4. This allows attackers to perform targeted searches with sensitive keywords to get the count of issues containing the searched term."

Related Vulnerabilities

CVE-2019-4420

MEDIUM
CVSS:6.2(Medium)

IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages, revealing sensitive information that could aid in further attacks against the system. IBM X-Force ID: 16...

CWE-2092019

CVE-2024-52896

MEDIUM
CVSS:6.2(Medium)

IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned.

CWE-2092024

CVE-2024-52897

MEDIUM
CVSS:6.2(Medium)

IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned.

CWE-2092024

CVE-2024-52898

MEDIUM
CVSS:6.2(Medium)

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned.

CWE-2092024

CVE-2016-9459

MEDIUM
CVSS:6.1(Medium)

Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a log pollution vulnerability potentially leading to a local XSS. The download log functionality in the admin screen is ...

CWE-2092016

CVE-2018-10624

MEDIUM
CVSS:6.5(Medium)

In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the ser...

CWE-2092018