CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/02/12 12:0 a.m.•4 views

GitLab 18.5 < 18.5.5 / 18.6 < 18.6.3 / 18.7 < 18.7.1 (CVE-2025-13781)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to modify...

6.5CVSS5.7AI score0.00011EPSS

Exploits0References5

Vulnrichment•added 2026/01/09 10:3 a.m.•2 views

CVE-2025-13781 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to modify instance-wide AI feature provider settings by exploiting missing authorization checks in GraphQL mutations...

6.5CVSS6.3AI score0.00011EPSS

CNNVD•added 2025/12/11 12:0 a.m.•1 views

GitLab Enterprise Edition（EE）安全漏洞

GitLab Enterprise Edition EE is a content management system from the American company GitLab. A security vulnerability exists in GitLab Enterprise Edition EE versions prior to 18.4.6, 18.5 through 18.5.4, and 18.6 through 18.6.2, which stems from the fact that execution of a specially crafted...

4.3CVSS6.1AI score0.00017EPSS

NVD•added 2025/12/05 5:16 p.m.•0 views

CVE-2024-9183

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 prior to 18.4.5, 18.5 prior to 18.5.3, and 18.6 prior to 18.6.1 that could have allowed an authenticated user to obtain credentials from higher-privileged users and perform actions in their context under specific...

7.7CVSS0.00008EPSS

CNNVD•added 2025/12/05 12:0 a.m.•1 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab CE and EE from version 18.4 until...

7.7CVSS6.8AI score0.00008EPSS

Tenable Nessus•added 2025/11/25 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-10497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allow...

7.5CVSS8.4AI score0.00077EPSS

RedhatCVE•added 2025/11/22 10:31 p.m.•7 views

CVE-2025-31216

The issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to override managed Wi-Fi profiles...

2.4CVSS5.8AI score0.0002EPSS

Exploits0References1

OSV•added 2025/11/21 10:16 p.m.•2 views

CVE-2025-43374

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, macOS Sequoia 15.5, watchOS 11.5. An attacker in physical proximity may be able to cause an out-of-bounds rea...

4.3CVSS5.4AI score

Exploits0References7

OSV•added 2025/11/21 10:16 p.m.•0 views

CVE-2025-31216

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. An attacker with physical access to a device may be able to override managed Wi-Fi profiles...

2.4CVSS5.8AI score

CVE•added 2025/11/21 9:22 p.m.•16 views

CVE-2025-31216

CVE-2025-31216 affects Apple iOS/iPadOS: an attacker with physical access could override managed Wi‑Fi profiles. Apple fixed this in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5 with “improved checks.” The vulnerability is documented across NVD/Red Hat/ENISA entries, tying to Wi‑Fi profile handling. R...

2.4CVSS5.8AI score0.0002EPSS

Exploits0References2Affected Software2

Cvelist•added 2025/11/21 9:22 p.m.•8 views

CVE-2025-31216

0.0002EPSS

Cvelist•added 2025/11/15 8:3 a.m.•8 views

CVE-2025-11990 Improper Handling of URL Encoding (Hex Encoding) in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to gain CSRF tokens by exploiting improper input validation in repository references combined with redirect handling weaknesses...

3.1CVSS0.00017EPSS

OSV•added 2025/11/15 8:3 a.m.•8 views

CVE-2025-11990 Improper Handling of URL Encoding (Hex Encoding) in GitLab

3.1CVSS6.5AI score0.00017EPSS

Exploits0References6

CNNVD•added 2025/11/15 12:0 a.m.•1 views

GitLab 安全漏洞

3.5CVSS6.6AI score0.00017EPSS

CNNVD•added 2025/11/15 12:0 a.m.•2 views

GitLab 安全漏洞

6.5CVSS6.5AI score0.00024EPSS

CNNVD•added 2025/11/15 12:0 a.m.•2 views

GitLab 安全漏洞

5.3CVSS6.6AI score0.00017EPSS