CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/05/15 7:57 a.m.•2 views

CVE-2026-7377

GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that, in customizable analytics dashboards, could have allowed an authenticated user to execute arbitrary JavaScript in the context of other users' browsers d...

8.7CVSS6.1AI score0.00048EPSS

NVD•added 2026/05/14 6:16 a.m.•2 views

CVE-2026-7377

8.7CVSS0.00048EPSS

OSV•added 2026/05/14 6:16 a.m.•2 views

UBUNTU-CVE-2026-7377

8.7CVSS6.1AI score0.00048EPSS

Vulnrichment•added 2026/05/14 5:33 a.m.•3 views

CVE-2026-7377 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

8.7CVSS6.1AI score0.00048EPSS

OSV•added 2026/04/13 6:10 a.m.•4 views

BIT-GITLAB-2026-4332 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that, in customizable analytics dashboards, could have allowed an authenticated user to execute arbitrary JavaScript in the context of other users' browsers due...

Positive Technologies•added 2026/04/13 12:0 a.m.•1 views

Exploits0References4

PT-2026-32416

EUVD•added 2026/04/09 12:32 a.m.•1 views

EUVD-2026-20800

NVD•added 2026/04/08 11:16 p.m.•2 views

Exploits0References4

CVE-2026-4332

5.4CVSS0.0003EPSS

OSV•added 2026/04/08 11:16 p.m.•1 views

UBUNTU-CVE-2026-4332

Cvelist•added 2026/04/08 10:25 p.m.•16 views

CVE-2026-4332 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

5.4CVSS0.0003EPSS

CVE•added 2026/04/08 10:25 p.m.•26 views

CVE-2026-4332

GitLab Enterprise Edition is affected by CVE-2026-4332 in customizable analytics dashboards where an authenticated user could inject and execute arbitrary JavaScript in other users’ browsers due to improper input sanitization. Affected ranges are GitLab EE versions: 18.2 up to but not including 1...

Exploits0References3Affected Software1

Vulnrichment•added 2026/04/08 10:25 p.m.•2 views

CVE-2026-4332 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

Debian CVE•added 2026/04/08 10:25 p.m.•1 views

CVE-2026-4332

Removed by vendor...

5.4CVSS5.8AI score0.0003EPSS

Exploits0

FreeBSD•added 2026/04/08 12:0 a.m.•4 views

Gitlab -- vulnerabilities

Gitlab reports: Exposed Method issue in websocket connections impacts GitLab CE/EE Denial of Service issue in Terraform state lock API impacts GitLab CE/EE Denial of Service issue in GraphQL API impacts GitLab CE/EE Denial of Service issue in CSV import impacts GitLab CE/EE Denial of Service issu...

8.5CVSS5.9AI score0.00057EPSS

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-49323

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.03053EPSS

Tenable Nessus•added 2025/08/30 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2024-8648

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could...

6.1CVSS5.6AI score0.03053EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 7:17 a.m.•9 views

CVE-2024-8648

An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could allow an attacker to inject malicious JavaScript code in Analytics Dashboards through a specially crafted URL...

6.1CVSS6.5AI score0.03053EPSS

OSV•added 2024/11/16 7:10 a.m.•15 views

BIT-GITLAB-2024-8648 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

6.1CVSS6AI score0.03053EPSS

Exploits0References4

Tenable Nessus•added 2024/11/15 12:0 a.m.•8 views

GitLab 16.0 < 17.3.7 / 17.4 < 17.4.4 / 17.5 < 17.5.2 (CVE-2024-8648)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could allow an attacker to inject malicious...

6.1CVSS5.6AI score0.03053EPSS