7 matches found

Tenable Nessus
added 2024/05/17 12:0 a.m. · 23 views

GitLab 12.2 < 13.4.7 / 13.5 < 13.5.5 / 13.6 < 13.6.2 (CVE-2020-26415)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. This affects GitLab =12.2 to =13.5 to =13.6 to =12.2 to =13.5 to...

CVSS 4.3 · AI score 5.2 · EPSS 0.00161
Exploits: 0 · References: 3

Tenable Nessus
added 2024/05/17 12:0 a.m. · 16 views

GitLab 12.4 < 13.4.7 / 13.5 < 13.5.5 / 13.6 < 13.6.2 (CVE-2020-26407)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An XSS vulnerability exists in GitLab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a...

CVSS 5.5 · AI score 5.4 · EPSS 0.0015
Exploits: 0 · References: 4

Github Security Blog
added 2022/05/25 10:41 p.m. · 45 views

Cross-site Scripting in wiki manager join wiki page

Impact: We found a possible XSS vector in the WikiManager.JoinWiki wiki page related to the "requestJoin" field. Patches: The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, 13.10.3. Workarounds: The easiest workaround is to edit the wiki page WikiManager.JoinWiki with wiki editor and chan...

CVSS 7.4 · AI score 5.7 · EPSS 0.00498
Exploits: 0 · References: 5 · Affected Software: 1

Debian CVE
added 2020/12/11 3:29 a.m. · 19 views

CVE-2020-26415

Removed by vendor...

CVSS 4.3 · AI score 5.8 · EPSS 0.00161
Exploits: 0

Positive Technologies
added 2020/12/11 12:0 a.m. · 3 views

PT-2020-16420 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 12.2 through 13.4.7; GitLab versions 13.5 through 13.5.5; GitLab versions 13.6 through 13.6.2. Description: Information about the starred projects for private user profiles was exposed via the GraphQL API starting from version...

CVSS 4.3 · AI score 4.4 · EPSS 0.00161
Exploits: 0 · References: 33

Positive Technologies
added 2020/12/11 12:0 a.m. · 2 views

PT-2020-16421 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 8.4 through 13.4.6; GitLab EE versions 13.5 through 13.5.4; GitLab EE versions 13.6 through 13.6.1. Description: The issue is related to information disclosure in the Advanced Search component of GitLab EE, starting from versi...

CVSS 4.4 · AI score 4.2 · EPSS 0.00042
Exploits: 0 · References: 29

NCSC
added 2020/12/08 12:0 a.m. · 7 views

Vulnerabilities fixed in GitLab

Multiple vulnerabilities have been identified in GitLab; a remote attacker could exploit some of these vulnerabilities to enable cross-site scripting, trigger a denial-of-service condition and disclose sensitive information about the targeted system. The developers have...

CVSS 6.5 · AI score 6.7 · EPSS 0.00169
Exploits: 0