Lucene search
+L

17 matches found

OSV
OSV
added 2024/03/06 11:23 a.m.17 views

BIT-GITLAB-2020-13280

For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message...

6.5CVSS6.3AI score0.0105EPSS
Exploits1References3
WPVulnDB
WPVulnDB
added 2022/02/16 12:0 a.m.10 views

WP Statistic < 13.1.6 - Reflected Cross-Site Scripting

The plugin does not escape various generated links before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC https://example.com/wp-admin/admin.php?page=wpsvisitorspage&" https://example.com/wp-admin/admin.php?page=wpsreferrerspage&"...

0.3AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/02/16 12:0 a.m.37 views

WordPress WP Statistics plugin <= 13.1.5 - Unauthenticated Blind SQL Injection (SQLi) vulnerability

Unauthenticated Blind SQL Injection SQLi vulnerability via currentpageid discovered by Muhammad Zeeshan Xib3rR4dAr in WordPress WP Statistics plugin versions = 13.1.5. Solution Update the WordPress WP Statistics plugin to the latest available version at least 13.1.6...

9.8CVSS3.3AI score0.8093EPSS
Exploits4References3Affected Software1
CNVD
CNVD
added 2020/08/17 12:0 a.m.4 views

GitLab Cross-Site Scripting Vulnerability (CNVD-2020-46291)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in tooltip in...

7.3CVSS6.3AI score0.01014EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/14 12:0 a.m.5 views

GitLab code issue vulnerability (CNVD-2020-46484)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...

7.1CVSS6.7AI score0.01041EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/08/13 12:38 p.m.16 views

CVE-2020-13283

For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list via milestone title...

7.3CVSS6.7AI score0.00846EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/08/13 12:0 a.m.4 views

PT-2020-13427 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.0.12 GitLab versions prior to 13.1.6 GitLab versions prior to 13.2.3 Description: The issue allows user-controlled git configuration settings to be modified, resulting in Server Side Request Forgery. Recommendation...

6.4CVSS4.9AI score0.00745EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2020/08/13 12:0 a.m.3 views

PT-2020-13422 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.0.12 GitLab versions prior to 13.1.6 GitLab versions prior to 13.2.3 Description: A denial of service issue exists in the project import feature. Recommendations: For versions prior to 13.0.12, update to version...

6.5CVSS6.2AI score0.01327EPSS
Exploits0References7
CNVD
CNVD
added 2020/08/12 12:0 a.m.3 views

GitLab Memory Exhaustion Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...

6.5CVSS6.7AI score0.0105EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/12 12:0 a.m.4 views

GitLab Data Forgery Issue Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...

6.4CVSS6.8AI score0.00745EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/12 12:0 a.m.4 views

GitLab Cross-Site Scripting Vulnerability (CNVD-2020-46489)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in Issues in...

7.3CVSS6.3AI score0.00846EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/12 12:0 a.m.4 views

GitLab Resource Management Error Vulnerability (CNVD-2020-46491)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...

5.5CVSS6.9AI score0.01221EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/12 12:0 a.m.4 views

GitLab Access Control Error Vulnerability (CNVD-2020-46487)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An access control error vulnerability exists in GitLab...

4.9CVSS6.7AI score0.00683EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/08/10 1:32 p.m.37 views

CVE-2020-13295

For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF...

5.4CVSS8.6AI score0.01158EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/08/10 12:0 a.m.5 views

PT-2020-13434 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.0.12 GitLab versions prior to 13.1.6 GitLab versions prior to 13.2.3 Description: The issue allows an override of an existing hash when using a branch with a hexadecimal name in GitLab. Recommendations: For version...

7.1CVSS6.7AI score0.01041EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2020/08/10 12:0 a.m.4 views

PT-2020-13435 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.0.12 GitLab versions prior to 13.1.6 GitLab versions prior to 13.2.3 Description: The issue arises when access grants are not revoked after a user has revoked access to an application. This could potentially lead t...

5.5CVSS5.2AI score0.01221EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2020/08/10 12:0 a.m.3 views

PT-2020-13433 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.0.12 GitLab versions prior to 13.1.6 GitLab versions prior to 13.2.3 Description: The issue allows bypassing E-mail verification required for OAuth Flow. Recommendations: For versions prior to 13.0.12, update to...

9.6CVSS9.2AI score0.00996EPSS
Exploits0References12
Rows per page
Query Builder