Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-5544

Malware in sbrugna...

6.5CVSS6.4AI score0.01095EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-13284

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token CVE-2020-13284 Note that Ness...

6.5CVSS6.4AI score0.01095EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-12570

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.4.6, from 17.5 prior to 17.5.4, and from 17.6 prior to 17.6.2...

6.7CVSS5.5AI score0.00434EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-8641

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2...

8.8CVSS5.5AI score0.00457EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/20 3:50 p.m.14 views

CVE-2025-7789

A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected by this issue is the function makeToken of the file src/main/java/com/xxl/job/admin/controller/IndexController.java of the component Token Generation. The manipulation leads to password hash with...

6.3CVSS7.3AI score0.0028EPSS
Exploits1References1
NVD
NVD
added 2024/12/12 12:15 p.m.27 views

CVE-2024-12570

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.4.6, from 17.5 prior to 17.5.4, and from 17.6 prior to 17.6.2. It may have been possible for an attacker with a victim's CIJOBTOKEN to obtain a GitLab session token belonging to the victim...

6.7CVSS0.00434EPSS
Exploits1References2
OSV
OSV
added 2024/12/12 12:15 p.m.2 views

UBUNTU-CVE-2024-12570

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.4.6, from 17.5 prior to 17.5.4, and from 17.6 prior to 17.6.2. It may have been possible for an attacker with a victim's CIJOBTOKEN to obtain a GitLab session token belonging to the victim...

6.7CVSS5.8AI score0.00434EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/12/12 12:0 a.m.6 views

PT-2024-10153 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.7 through 17.4.6 GitLab CE/EE versions 17.5 through 17.5.4 GitLab CE/EE versions 17.6 through 17.6.2 Description: An issue has been discovered in GitLab CE/EE that may have allowed an attacker with a victim's CI JOB...

6.8CVSS6.9AI score0.00434EPSS
Exploits1References13
OSV
OSV
added 2024/09/12 7:15 p.m.2 views

UBUNTU-CVE-2024-8641

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It may have been possible for an attacker with a victim's CIJOBTOKEN to obtain a GitLab session token belonging to the victim...

8.8CVSS5.8AI score0.00457EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 11:22 a.m.28 views

BIT-GITLAB-2020-13284

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token...

6.5CVSS6.3AI score0.01095EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/01/15 12:0 a.m.6 views

PT-2021-14361

Name of the Vulnerable Software and Affected Versions: OneDev versions prior to 4.0.3 Description: OneDev is an all-in-one devops platform with a critical "zip slip" vulnerability that may lead to arbitrary file write. The KubernetesResource REST endpoint untars user-controlled data from the...

8.8CVSS7.3AI score0.12163EPSS
Exploits0References8
OSV
OSV
added 2020/09/14 7:15 p.m.21 views

CVE-2020-13284

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token...

6.5CVSS6.4AI score0.01095EPSS
Exploits0References2
Prion
Prion
added 2020/09/14 7:15 p.m.18 views

Authorization

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token...

5.5CVSS6.4AI score0.01095EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/14 7:15 p.m.3 views

UBUNTU-CVE-2020-13284

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token...

6.5CVSS6.6AI score0.01095EPSS
Exploits0References3
CVE
CVE
added 2020/09/14 6:48 p.m.61 views

CVE-2020-13284

GitLab CVE-2020-13284 affects GitLab versions prior to 13.1.10, 13.2.8, and 13.3.4, where API authorization could be compromised via an outdated CI job token. The connected sources confirm the affected branches and the specific vulnerable component (CI/job token handling) but do not provide attac...

6.5CVSS6.3AI score0.01095EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/14 6:48 p.m.33 views

CVE-2020-13284

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token...

6.5CVSS6.4AI score0.01095EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/09/04 12:0 a.m.48 views

FreeBSD : Gitlab -- multiple vulnerabilities (1fb13175-ed52-11ea-8b93-001b217b3468)

Gitlab reports : Vendor Cross-Account Assume-Role Attack Stored XSS on the Vulnerability Page Outdated Job Token Can Be Reused to Access Unauthorized Resources File Disclosure Via Workhorse File Upload Bypass Unauthorized Maintainer Can Edit Group Badge Denial of Service Within Wiki Functionality...

10CVSS6.8AI score0.99019EPSS
Exploits7References27
Rows per page
Query Builder