CyberSecurityBoard
Sponsor Register Login

CVE-2024-3114

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2, with the processing logic for parsing invalid commits can lead to a regular expression DoS attack on the server.

Publication date: Thu, 08 Aug 2024 10:31:00 +0000


Cyber News related to CVE-2024-3114

CVE-2023-3114 - Terraform Enterprise since v202207-1 did not properly implement authorization rules for agent pools, allowing the workspace to be targeted by unauthorized agents. This authorization flaw could potentially allow a workspace to access resources from a ...
1 year ago
AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
1 year ago Feeds.dzone.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
2 years ago Cisa.gov
CVE-2024-3114 - An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2, with the processing logic for parsing invalid commits can lead to a regular expression DoS attack on ...
1 year ago
CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
1 year ago Tenable.com
CVE-2007-3114 - Memory leak in server/MaraDNS.c in MaraDNS before 1.2.12.05, and 1.3.x before 1.3.03, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, a different set of affected versions than CVE-2007-3115 and ...
17 years ago
CVE-2007-3116 - Memory leak in server/MaraDNS.c in MaraDNS 1.2.12.06 and 1.3.05 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, a different set of affected versions than CVE-2007-3114 and CVE-2007-3115. ...
13 years ago
CVE-2012-5572 - CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than ...
11 years ago
CVE-2013-3114 - Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability ...
7 years ago
CVE-2013-3119 - Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability ...
7 years ago
CVE-2007-3115 - Multiple memory leaks in server/MaraDNS.c in MaraDNS before 1.2.12.06, and 1.3.x before 1.3.05, allow remote attackers to cause a denial of service (memory consumption) via (1) reverse lookups or (2) requests for records in a class other than ...
7 years ago
CVE-2017-3114 - An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of providing language- and ...
4 years ago
CVE-2005-3114 - Buffer overflow in the ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long third argument to the GotNate.Excute method. ...
9 years ago
CVE-2016-3114 - Kallithea before 0.3.2 allows remote authenticated users to edit or delete open pull requests or delete comments by leveraging read access. ...
8 years ago
CVE-2012-3114 - Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote attackers to affect integrity via unknown vectors. ...
8 years ago
CVE-2011-3114 - Multiple buffer overflows in the PDF functionality in Google Chrome before 19.0.1084.52 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unknown function calls. ...
8 years ago
CVE-2015-3114 - Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow ...
8 years ago
CVE-2014-3114 - The EZPZ One Click Backup (ezpz-one-click-backup) plugin 12.03.10 and earlier for WordPress allows remote attackers to execute arbitrary commands via the cmd parameter to functions/ezpz-archive-cmd.php. ...
7 years ago
CVE-2009-3114 - The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K. ...
7 years ago
CVE-2007-4904 - RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that ...
7 years ago
CVE-2008-0763 - Stack-based buffer overflow in NPSpcSVR.exe in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier allows remote attackers to execute arbitrary code via a long argument in a LICENSE command on TCP port 3114. ...
7 years ago
CVE-2008-0764 - Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format string specifiers in a USEP command on TCP port ...
7 years ago
CVE-2006-3114 - PC Tools AntiVirus 2.1.0.51 uses insecure default permissions on the "PC Tools AntiVirus" directory, which allows local users to gain privileges and execute commands. ...
7 years ago
CVE-2008-3114 - Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an ...
7 years ago

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)