Lucene search
K

19 matches found

CVE
CVE
added 2026/06/11 10:21 a.m.25 views

CVE-2026-1500

GitLab CE/EE (versions 17.10 prior to 18.10.8, 18.11 prior to 18.11.5, and 19.0 prior to 19.0.2) are affected by CVE-2026-1500. An authenticated user could trigger denial of service via uncontrolled resource consumption when processing a specially crafted file upload. The issue has been remediate...

6.5CVSS5.5AI score0.00321EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/11 10:21 a.m.12 views

EUVD-2026-36233

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing ...

6.5CVSS5.5AI score0.00321EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.14 views

PT-2026-48645

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 17.10 through 18.10.7 GitLab CE/EE versions 18.11 through 18.11.4 GitLab CE/EE versions 19.0 through 19.0.1 Description An issue exists where an authenticated user can cause a denial of service through uncontrolled resour...

6.5CVSS5.2AI score0.00321EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.9 views

GitLab 17.10 < 18.10.8 / 18.11 < 18.11.5 / 19.0 < 19.0.2 (CVE-2026-1500)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an...

6.5CVSS5.5AI score0.00321EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

GitLab 资源管理错误漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Versions of GitLab CE/EE prior to 12.0, 18.10.8, 18.11.5, and 19.0.2...

6.5CVSS5.8AI score0.00321EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

Cisco Catalyst SD-WAN Manager 安全漏洞

Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. There is a security vulnerability present in Cisco Catalyst SD-WAN Manager, which stems from insufficient user...

7.8CVSS6.3AI score0.25323EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-1184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allow...

7.5CVSS5.8AI score0.00331EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.11 views

GitLab 代码问题漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. There were code-related vulnerabilities in versions of GitLab EE betwee...

7.5CVSS5.9AI score0.00331EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-11833

Malware in sbrugna...

5.5CVSS5.5AI score0.00231EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.4 views

Ascensio System ONLYOFFICE Document Server 安全漏洞

Ascensio System ONLYOFFICE Document Server is an online office collaboration suite from the Latvian company Ascensio System. The product supports viewing and editing of text, spreadsheets and presentations, among other things. A security vulnerability exists in Ascensio System ONLYOFFICE Document...

6.7CVSS6.3AI score0.00498EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/02/05 12:35 a.m.10 views

CVE-2024-55074

The edit profile function of Grocy through 4.3.0 allows stored XSS and resultant privilege escalation by uploading a crafted HTML or SVG file, a different issue than CVE-2024-8370...

9CVSS3.9AI score0.00627EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.4 views

JeeWMS 安全漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS versions prior to v2025.01.01. An attacker can exploit this vulnerability to execute arbitrary code by uploading specially crafted files...

8.1CVSS7.5AI score0.00473EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.6 views

PT-2024-10055 · Lenovo · Lenovo Xclarity Controller

Name of the Vulnerable Software and Affected Versions: Lenovo XClarity Controller XCC affected versions not specified Description: A privilege escalation issue was discovered in the SSH captive command shell interface. This could allow an authenticated XCC user with elevated privileges to perform...

9CVSS8.6AI score0.01071EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.3 views

PT-2024-10056 · Lenovo · Lenovo Xclarity Controller

Name of the Vulnerable Software and Affected Versions: Lenovo XClarity Controller XCC for Lenovo ThinkSystem servers affected versions not specified Description: The issue is related to a lack of neutralization of special elements, which could allow a remote attacker to execute arbitrary commands...

9CVSS8.5AI score0.01006EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/06/06 12:0 a.m.5 views

Devellion CubeCart Security Breach

Devellion CubeCart is a free and open source e-commerce shopping cart software from the company of Devellion UK. The software supports selling products, adding/editing products or images in an online store, etc. A security vulnerability exists in Devellion CubeCart v.6.5.5 and earlier versions,...

9.8CVSS7.5AI score0.05012EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/10/17 12:0 a.m.4 views

LyLme Spage Code Issue Vulnerability

LyLme Spage six zero navigation page is China's six zero LyLme open source a navigation page . Committed to simple and efficient advertising-free Internet navigation and search portal , support for background links , custom search engine , precipitation of the most valuable links , no commercial...

9.8CVSS7.6AI score0.00838EPSS
Exploits1References2
OSV
OSV
added 2023/03/10 9:30 p.m.3 views

GHSA-FRGR-C5F2-8QHH Denial of service in Jenkins Core

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier, and prior to LTS 2.387.1 is affected by the Apache Commons FileUpload library’s vulnerability CVE-2023-24998. This library is used to process uploaded files via the Stapler web framework usually through StaplerRequestgetFile and...

6.5CVSS5.8AI score0.0098EPSS
Exploits0References4
OSV
OSV
added 2018/12/14 8:29 p.m.4 views

UBUNTU-CVE-2018-20149

In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data...

5.4CVSS7.3AI score0.03443EPSS
Exploits0References4
OSV
OSV
added 2017/02/01 10:59 p.m.4 views

CVE-2016-8938

IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host customer's production applications...

10CVSS5.9AI score0.02824EPSS
Exploits0References2
Rows per page
Query Builder