Lucene search
+L

390 matches found

OSV
OSV
added 2026/04/13 6:5 a.m.4 views

BIT-GITLAB-2025-12664 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries...

7.5CVSS5.8AI score0.00577EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.6 views

PT-2026-32416

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that, in customizable analytics dashboards, could have allowed an authenticated user to execute arbitrary JavaScript in the context of other users' browsers due...

5.4CVSS6.1AI score0.00279EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/09 1:23 a.m.5 views

CVE-2026-39933

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki version...

6.9CVSS5.8AI score0.00335EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/08 11:16 p.m.5 views

CVE-2025-9484

GitLab has remediated an issue in GitLab EE affecting all versions from 16.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain circumstances could have allowed an authenticated user to have access to other users' email addresses via certain GraphQL queries...

4.3CVSS5.8AI score0.00264EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.5 views

GitLab 11.3 < 18.8.9 / 18.9 < 18.9.5 / 18.10 < 18.10.3 (CVE-2026-1752)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-ro...

4.3CVSS5.9AI score0.00311EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/03/25 5:16 p.m.6 views

CVE-2025-13078

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to cause a denial of service due to excessive resource consumption when processing certain webhook configurati...

6.5CVSS5.8AI score0.00417EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/25 5:16 p.m.5 views

CVE-2026-2745

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 7.11 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to bypass WebAuthn two-factor authentication and gain unauthorized access to user accounts due to inconsisten...

8.1CVSS5.8AI score0.00276EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/12 2:15 a.m.4 views

CVE-2026-1182

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to gain unauthorized access to confidential issue title created in public projects under certain circumstances...

4.3CVSS5.9AI score0.00194EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/11 6:30 p.m.3 views

EUVD-2026-11180

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user, when the markdownplaceholders feature flag was enabled, to inject JavaScript in a browser due to improper...

8.7CVSS5.8AI score0.00231EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/11 5:16 p.m.11 views

CVE-2025-12555

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that, under certain conditions, could have allowed an authenticated user to access previous pipeline job information on projects with repository and CI/CD...

4.3CVSS5.9AI score0.00243EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/11 4:16 p.m.4 views

CVE-2026-1230

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 1.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to cause repository downloads to contain different code than displayed in the web interface due to incorrect...

6.5CVSS5.9AI score0.00192EPSS
Exploits0References1
Hacker One
Hacker One
added 2026/02/28 8:7 p.m.15 views

IBM: SQL Injection vulnerability found on ibm.com endpoint

A SQL injection vulnerability was found on an ibm.com endpoint. The vulnerability was reported to IBM, analyzed, and remediated...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/02/25 9:31 p.m.7 views

EUVD-2025-208116

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthorized user with Developer-role permissions to set pipeline variables for manually triggered jobs under certain conditions...

4.3CVSS5.4AI score0.0019EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.7 views

GitLab 17.10 < 18.4.5 / 18.5 < 18.5.3 / 18.6 < 18.6.1 (CVE-2025-12571)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an unauthenticated user to cause a...

7.5CVSS5.7AI score0.00453EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.6 views

GitLab 6.3 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-14157)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial...

6.5CVSS5.7AI score0.00275EPSS
Exploits0References4
NVD
NVD
added 2026/02/11 12:16 p.m.11 views

CVE-2025-12073

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions, could have allowed an authenticated user to perform server-side request forgery against internal services by bypassing...

4.3CVSS0.00226EPSS
Exploits0References3
OSV
OSV
added 2026/02/11 12:16 p.m.8 views

UBUNTU-CVE-2026-1282

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated user to inject malicious content into project labels titles...

5.4CVSS5.8AI score0.00162EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/02/11 11:35 a.m.2 views

CVE-2025-8099 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.8 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions, could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries...

7.5CVSS5.6AI score0.004EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/11 11:34 a.m.4 views

CVE-2025-12073

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions, could have allowed an authenticated user to perform server-side request forgery against internal services by bypassing...

4.3CVSS5.5AI score0.00226EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/11 11:34 a.m.6 views

CVE-2025-14594 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to view certain pipeline values by querying the API...

3.5CVSS5.5AI score0.00164EPSS
Exploits0References6
Rows per page
Query Builder