Lucene search
K

387 matches found

Cvelist
Cvelist
added 2026/06/25 4:34 a.m.32 views

CVE-2026-1606 Improper Control of Generation of Code ('Code Injection') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.8 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user to conceal content within a Snippet due to improper input validation...

4.3CVSS0.00223EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52198

Name of the Vulnerable Software and Affected Versions GitLab EE versions 19.1 through 19.1.0 Description Insufficient output filtering in Duo Workflows could allow a user to access sensitive information that had already been committed to a project. Recommendations Update GitLab EE to version 19.1...

8.6CVSS5.8AI score0.00328EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/15 6:52 p.m.31 views

CVE-2026-48114 Metacat has an unauthenticated SQL injection vulnerability

Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert builds an INSERT against HARVESTSITESCHEDULE via string...

9.8CVSS0.0037EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 10:20 a.m.9 views

CVE-2026-6269 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to modify hidden merge requests due to incorrect...

5.4CVSS5.5AI score0.00187EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/11 10:20 a.m.9 views

EUVD-2026-36228

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to hide changes from merge request diff views due to...

3.7CVSS5.5AI score0.00158EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.9 views

GitLab 12.0 < 18.10.8 / 18.11 < 18.11.5 / 19.0 < 19.0.2 (CVE-2026-3553)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an...

3.1CVSS5.5AI score0.00236EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.7 views

CVE-2026-1752

GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-role permissions to modify protected environment settings due to improper authorization checks in t...

4.3CVSS5.5AI score0.00311EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 2:37 p.m.22 views

CVE-2026-40619

CVE-2026-40619 affects Genetec Security Center main server installations. The issue could allow an attacker with local OS privileges on the main server to access the Server Admin credentials . It is tied to specific installation package builds, not just the product version, with vulnerable and re...

7.8CVSS5.7AI score0.00115EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 2:37 p.m.8 views

CVE-2026-40619

A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of...

7.8CVSS5.7AI score0.00115EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 2:37 p.m.6 views

CVE-2026-40619

A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of...

7.8CVSS5.7AI score0.00115EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/02 2:37 p.m.14 views

EUVD-2026-33946

A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of...

7.8CVSS5.7AI score0.00115EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.8 views

GitLab 18.9 < 18.10.7 / 18.11 < 18.11.4 / 19.0 < 19.0.1 (CVE-2026-9807)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed a blocked...

4.3CVSS5.9AI score0.00193EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/28 7:34 a.m.7 views

CVE-2026-9807

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed a blocked Project Access Token to continue accessing private resources due to incorrect authorization...

4.3CVSS5.8AI score0.00193EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/27 7:16 p.m.14 views

CVE-2026-6713

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an unauthorized user to enumerate private projects due to incorrect authorization checks...

5.3CVSS0.00322EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 5:55 p.m.77 views

CVE-2026-5296

CVE-2026-5296 affects GitLab Enterprise Edition (GitLab EE) with remediation released for multiple branches: all versions prior to 18.10.7 (from 18.7), 18.11 prior to 18.11.4, and 19.0 prior to 19.0.1. The issue could allow an authenticated user with developer-role permissions, when foundational ...

4.3CVSS5.8AI score0.00196EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:55 p.m.9 views

CVE-2026-6713

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an unauthorized user to enumerate private projects due to incorrect authorization checks...

5.3CVSS5.8AI score0.00322EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2026/05/14 6:16 a.m.7 views

CVE-2026-8144

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with project membership to enumerate private group members due to missing authorization checks...

4.3CVSS5.8AI score0.00172EPSS
Exploits0References3
OSV
OSV
added 2026/05/14 6:16 a.m.6 views

UBUNTU-CVE-2026-6335

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.3 that under certain conditions could have allowed an authenticated user to execute arbitrary code in another user's browser session due to improper sanitization...

5.4CVSS6.2AI score0.00192EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/14 6:16 a.m.7 views

CVE-2026-1659

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted requests due to insufficient input validation...

7.5CVSS5.8AI score0.00355EPSS
Exploits0References4
OSV
OSV
added 2026/05/14 6:16 a.m.6 views

UBUNTU-CVE-2025-13874

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with Guest permissions to view issues in projects they were not authorized to access...

4.3CVSS5.8AI score0.00193EPSS
Exploits0References5
Rows per page
Query Builder