CVEs with a CVSS Score Greater Than or Equal to 9

Critical vulnerabilities with Common Vulnerability Scoring System scores of 9.0 or higher pose severe risks to organisations' information systems. Timely detection and remediation are essential to minimise economic and reputational damage from cyberattacks. This paper provides a thorough analysis...

MiracleLinux 9 : webkit2gtk3-2.46.5-1.el9_5 (AXSA:2025-9538:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9538:01 advisory. WebKitGTK: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-54479 webkit: Processing maliciously crafted...

Vulnerabilities fixed in GitLab

GitLab has fixed vulnerabilities in GitLab CE/EE versions 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2. The vulnerabilities included an issue where specially constructed GraphQL queries could make large repository blobs unresponsive, and a flaw that allowed authenticated users with read-on...

BIT-GITLAB-2025-11340 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

CVE-2025-11340

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

UBUNTU-CVE-2025-11340

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

CVE-2025-11340 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

EUVD-2025-33333

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

CVE-2025-11340 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

CVE-2025-11340

GitLab EE CVE-2025-11340 affects all versions 18.3–18.3.4 and 18.4–18.4.2. The root cause is incorrectly scoped GraphQL mutations that could allow authenticated users with read-only API tokens to perform unauthorized writes to vulnerability records. A patch is available in GitLab EE 18.4.2 (relea...

CVE-2025-11340

Removed by vendor...

postgresql14-14.19-1.1 on GA media (moderate)

postgresql14-14.19-1.1 on GA media Announcement ID: openSUSE-SU-2025:15452-1 Rating: moderate Cross-References: CVE-2025-8713 CVE-2025-8714 CVE-2025-8715 CVSS scores: CVE-2025-8713 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2025-8713 SUSE : 5.3...

CVE-2025-26819

creationtimestamp| type| source ---|---|--- 2025-02-14 23:45:37+00:00| seen| https://infosec.exchange/users/cve/statuses/114004901010161747 2025-02-15 00:16:20+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li6gtpcqld2t 2025-02-15 00:48:27+00:00| seen|...

YasserREED-CVEs

Yasse...

CVE-2024-11680

creationtimestamp| type| source ---|---|--- 2024-11-21 17:59:45+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/projectsendunauthrce.rb 2024-11-26 09:58:57+00:00| seen| https://infosec.exchange/users/cve/statuses/113548665618022004 2024-11-27...

kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128...

CVE-2022-43797

To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used...

CVE-2022-42920

creationtimestamp| type| source ---|---|--- 2022-11-28 12:30:49+00:00| seen| https://t.me/cibsecurity/52588 2024-02-07 07:36:30+00:00| seen| https://t.me/ctinow/180551 2024-02-08 11:07:11+00:00| seen| https://t.me/ctinow/181281 2024-02-10 09:07:11+00:00| seen| https://t.me/ctinow/182486 2025-05-1...

编号已被CVE保留

No details are available at this time...

编号已被CVE保留

No details are available at this time...