CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2020/11/17 12:13 a.m.•84 views

CVE-2020-26406

GitLab GitLab EE vulnerability CVE-2020-26406: Certain SAST CiConfiguration information could be viewed by unauthorized users via GraphQL. Affected products/versions: GitLab EE 13.3 (up to 13.3.8), 13.4 (up to 13.4.4), and 13.5 (up to 13.5.1). Root cause: misexposure of SAST CiConfiguration data ...

5.3CVSS4.8AI score0.01421EPSS

Debian CVE•added 2020/11/17 12:13 a.m.•26 views

CVE-2020-26406

Removed by vendor...

5.3CVSS6AI score0.01421EPSS

Positive Technologies•added 2020/11/17 12:0 a.m.•5 views

PT-2020-16413 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 13.3 through 13.3.8 GitLab EE versions 13.4 through 13.4.4 GitLab EE versions 13.5 through 13.5.1 Description: Certain SAST CiConfiguration information could be viewed by unauthorized users in GitLab EE. This information wa...

5.3CVSS4.8AI score0.01421EPSS

Exploits0References8

Kitploit•added 2020/11/08 11:30 a.m.•56 views

Hetty - An HTTP Toolkit For Security Research

Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community. Features Man-in-the-middle MITM HTTP/1.1 proxy with logs Project based...

7AI score

Exploits0References8

Hacker One•added 2020/10/18 3:35 a.m.•67 views

Shopify: Low Privileged Staff Member Can Export Billing Charges

Details I'm not 100% sure about this because i don't have billing transactions on my account. However, from my experience on how Shopify backend respond, i think this is a valid finding just need confirmation from Shopify's security team. A GraphQL mutation billingChargesExport can be used by a...

7AI score

OSV•added 2020/10/07 2:15 p.m.•23 views

CVE-2020-13334

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query...

7.5CVSS6.5AI score0.01512EPSS

Exploits0References3

NVD•added 2020/10/07 2:15 p.m.•25 views

CVE-2020-13334

7.5CVSS0.01512EPSS

Exploits0References3

UbuntuCve•added 2020/10/07 2:15 p.m.•27 views

CVE-2020-13334

Prion•added 2020/10/07 2:15 p.m.•21 views

Exploits0References1

Authorization

5CVSS7.3AI score0.01512EPSS

OSV•added 2020/10/07 2:15 p.m.•2 views

UBUNTU-CVE-2020-13334

Cvelist•added 2020/10/07 1:18 p.m.•29 views

Exploits0References2

CVE-2020-13334

5.9CVSS7.3AI score0.01512EPSS

Exploits0References3

CVE•added 2020/10/07 1:18 p.m.•65 views

CVE-2020-13334

CVE-2020-13334 affects GitLab versions prior to 13.2.10, 13.3.7, and 13.4.2. The root cause is improper authorization checks that allow a non-member of a project/group to change the confidentiality attribute of an issue via a GraphQL mutation. This can impact the integrity of issue data (high sev...

7.5CVSS7.2AI score0.01512EPSS

Debian CVE•added 2020/10/07 1:18 p.m.•27 views

CVE-2020-13334

Removed by vendor...

Hacker One•added 2020/10/07 2:26 a.m.•110 views

CS Money: ReDoS at wiki.cs.money graphQL endpoint (AND probably a kind of command injection)

Summary: The endpoint /graphql has a vulnerable query operation named "search", that can I send a Regex malformed parameter, in order to trick the original regular expression to a regex bomb expression. + Payload with a "common" search, querying the value "AAA": query a searchq: "AAA", lang: "en"...

0.3AI score

Positive Technologies•added 2020/10/07 12:0 a.m.•4 views

PT-2020-13475 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.2.10 GitLab versions prior to 13.3.7 GitLab versions prior to 13.4.2 Description: The issue is related to improper authorization checks in GitLab, allowing a non-member of a project or group to modify the...

Hacker One•added 2020/10/05 3:3 p.m.•15 views

Exploits0References10

Enjin: Authentication token and CSRF token bypass

@whiteshadow201 was able to illustrate a vulnerability, due to an overzealous set of CORS rules, where they could execute certain functions on behalf of another user. This was made possible due to a separate vulnerability, a CSRF bypass, that was possible by using the GET method to query the...

2.5AI score

Hacker One•added 2020/10/01 5:50 p.m.•20 views

Reddit: Image queue default key of 'None' and GraphQL unhandled type exception

Summary: I started testing for unrestricted file uploads and quickly discovered a way to upload a corrupted file into Reddit. I was able to bypass the MIME type of uploaded files first by uploading a normal PNG file to Reddit, intercepting the request with burp, and changing the content type from...

6.5AI score