Lucene search
K

455 matches found

OSV
OSV
added 2026/03/11 4:5 p.m.4 views

CVE-2025-14513 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON...

7.5CVSS5.9AI score0.00475EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/11 4:5 p.m.1 views

CVE-2025-14513 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON...

7.5CVSS5.8AI score0.00475EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/11 4:5 p.m.3 views

CVE-2025-14513

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON...

7.5CVSS5.8AI score0.00475EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/03/11 4:5 p.m.4 views

CVE-2025-14513

Removed by vendor...

7.5CVSS5.8AI score0.00475EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/11 4:5 p.m.28 views

CVE-2025-14513 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON...

7.5CVSS0.00475EPSS
Exploits0References3
CVE
CVE
added 2026/03/11 4:5 p.m.14 views

CVE-2025-14513

Summary: CVE-2025-14513 affects GitLab CE/EE. Versions affected: 16.11 prior to 18.7.6, 18.8 prior to 18.8.6, and 18.9 prior to 18.9.2. Root cause: improper input validation when processing specially crafted JSON payloads in the protected branches API, allowing an unauthenticated user to cause a ...

7.5CVSS5.8AI score0.00475EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.4 views

PT-2026-24710

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service condition due to improper input validation when processing specially crafted JSON...

7.5CVSS5.8AI score0.00475EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2026/03/11 12:0 a.m.13 views

Gitlab -- vulnerabilities

Gitlab reports: Cross-site Scripting issue in Markdown placeholder processing impacts GitLab CE/EE Denial of Service issue in GraphQL API impacts GitLab CE/EE Denial of Service issue in repository archive endpoint impacts GitLab CE/EE Denial of Service issue in protected branches API impacts GitL...

8.7CVSS5.8AI score0.00523EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/03/04 12:27 a.m.4 views

SUSE CVE-2026-25232

Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have an access control bypass vulnerability which allows any repository collaborator with Write permissions to delete protected branches including the default branch by sending a direct POST request, completely bypassing th...

8.8CVSS5.8AI score0.00436EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/02/20 7:22 a.m.9 views

CVE-2026-25232

Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have an access control bypass vulnerability which allows any repository collaborator with Write permissions to delete protected branches including the default branch by sending a direct POST request, completely bypassing th...

8.8CVSS5.7AI score0.00436EPSS
Exploits1References1
NVD
NVD
added 2026/02/19 7:17 a.m.8 views

CVE-2026-25232

Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have an access control bypass vulnerability which allows any repository collaborator with Write permissions to delete protected branches including the default branch by sending a direct POST request, completely bypassing th...

8.8CVSS0.00436EPSS
Exploits1References4
CVE
CVE
added 2026/02/19 2:25 a.m.20 views

CVE-2026-25232

Summary (concrete details from connected docs) : CVE-2026-25232 affects Gogs, including versions up to 0.13.4. Affected component: web interface DeleteBranchPost, which bypasses branch protection to delete protected branches (including default) by direct POST requests. Root cause: protection chec...

8.8CVSS5.6AI score0.00436EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/19 2:25 a.m.6 views

CVE-2026-25232 Gogs has a Protected Branch Deletion Bypass in Web Interface

Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have an access control bypass vulnerability which allows any repository collaborator with Write permissions to delete protected branches including the default branch by sending a direct POST request, completely bypassing th...

7.1CVSS5.7AI score0.00436EPSS
Exploits1References4
OSV
OSV
added 2026/02/19 2:25 a.m.8 views

CVE-2026-25232 Gogs has a Protected Branch Deletion Bypass in Web Interface

Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have an access control bypass vulnerability which allows any repository collaborator with Write permissions to delete protected branches including the default branch by sending a direct POST request, completely bypassing th...

7.1CVSS5.7AI score0.00436EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.8 views

Gogs 安全漏洞

Gogs Go Git Service is a Go-based self-service Git hosting service developed by the Gogs team. It supports creating and migrating public/private repositories, as well as adding and removing repository collaborators. Gogs versions 0.13.4 and earlier have security vulnerabilities; these...

8.8CVSS5.8AI score0.00436EPSS
Exploits1References4
Snyk
Snyk
added 2026/02/17 6:43 p.m.5 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the DeleteBranchPost function. A repository collaborator with Write permission can delete protected branches or the default branch by sending POST requests directly to the web interface, bypassing branch...

8.8CVSS5.6AI score0.00436EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/17 6:43 p.m.3 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the DeleteBranchPost function. A repository collaborator with Write permission can delete protected branches or the default branch by sending POST requests directly to the web interface, bypassing branch...

8.8CVSS5.6AI score0.00436EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/02/17 6:43 p.m.11 views

Gogs has a Protected Branch Deletion Bypass in Web Interface

Summary An access control bypass vulnerability in Gogs web interface allows any repository collaborator with Write permissions to delete protected branches including the default branch by sending a direct POST request, completely bypassing the branch protection mechanism. This vulnerability enabl...

8.8CVSS5.7AI score0.00436EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.15 views

PT-2026-20322

Name of the Vulnerable Software and Affected Versions Gogs versions 0.13.4 and below Description Gogs, an open-source self-hosted Git service, contains an access control bypass issue. Repository collaborators with Write permissions can delete protected branches, including the default branch, by...

9.9CVSS6AI score0.34346EPSS
Exploits45References117
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001636)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001636 advisory. It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster...

7.5CVSS6.7AI score0.01374EPSS
Exploits0References15
Rows per page
Query Builder