2484 matches found

NVD
added 2022/11/09 11:15 p.m. | 13 views

CVE-2022-3483

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 15.3.5, all versions starting from 15.4 before 15.4.4, all versions starting from 15.5 before 15.5.2. A malicious maintainer could exfiltrate a Datadog integration's access token by modifying the...

CVSS 5.5 | EPSS 0.0065
Exploits: 0 | References: 3

NVD
added 2022/11/09 11:15 p.m. | 15 views

CVE-2022-3265

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. It was possible to exploit a vulnerability in setting the labels colour feature which could lead to a stored XSS that allowed attackers to perfo...

CVSS 7.3 | EPSS 0.86326
Exploits: 0 | References: 3

UbuntuCve
added 2022/11/09 11:15 p.m. | 22 views

CVE-2022-3483

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 15.3.5, all versions starting from 15.4 before 15.4.4, all versions starting from 15.5 before 15.5.2. A malicious maintainer could exfiltrate a Datadog integration's access token by modifying the...

CVSS 5.5 | AI score 6 | EPSS 0.0065
Exploits: 0 | References: 1

UbuntuCve
added 2022/11/09 11:15 p.m. | 24 views

CVE-2022-3486

An open redirect vulnerability in GitLab EE/CE affecting all versions from 9.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allows an attacker to redirect users to an arbitrary location if they trust the URL...

CVSS 6.1 | AI score 6.4 | EPSS 0.00723
Exploits: 0 | References: 1

Prion
added 2022/11/09 11:15 p.m. | 22 views

Cross site scripting

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. It was possible to exploit a vulnerability in setting the labels colour feature which could lead to a stored XSS that allowed attackers to perfo...

CVSS 4.9 | AI score 5.2 | EPSS 0.86326
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2022/11/09 11:15 p.m. | 0 views

UBUNTU-CVE-2022-3265

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. It was possible to exploit a vulnerability in setting the labels colour feature which could lead to a stored XSS that allowed attackers to perfo...

CVSS 7.3 | AI score 5.8 | EPSS 0.86326
Exploits: 0 | References: 2

Prion
added 2022/11/09 11:15 p.m. | 22 views

Open redirect

An open redirect vulnerability in GitLab EE/CE affecting all versions from 9.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allows an attacker to redirect users to an arbitrary location if they trust the URL...

CVSS 5.8 | AI score 6.2 | EPSS 0.00723
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2022/11/09 12:0 a.m. | 25 views

CVE-2022-3819

An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious user to set emojis on internal notes they don't have access to...

CVSS 3.5 | AI score 4.9 | EPSS 0.00426
Exploits: 0 | References: 2

Vulnrichment
added 2022/11/09 12:0 a.m. | 7 views

CVE-2022-2761

An information disclosure issue in GitLab CE/EE affecting all versions from 14.4 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to use GitLab Flavored Markdown GFM references in a Jira issue to disclose the names of resources they don't have access to...

CVSS 4.3 | AI score 6 | EPSS 0.00664
Exploits: 0 | References: 3

CVE
added 2022/11/09 12:0 a.m. | 103 views

CVE-2022-3793

GitLab CE/EE vulnerability CVE-2022-3793: improper authorization allows reading variables set in a GitLab CI/CD config file by an attacker without access. Affected: all 14.4 up to before 15.3.5; 15.4 up to before 15.4.4; 15.5 up to before 15.5.2. Root cause: insufficient access control around CI/...

CVSS 5.3 | AI score 5.1 | EPSS 0.00537
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2022/11/09 12:0 a.m. | 83 views

CVE-2022-3819

CVE-2022-3819 describes an improper authorization issue in GitLab CE/EE. Affected versions are all 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, where malicious users can set emojis on internal notes they do not have access to. The description provided does not specify a p...

CVSS 4.3 | AI score 4.4 | EPSS 0.00426
Exploits: 0 | References: 2 | Affected Software: 1

Debian CVE
added 2022/11/09 12:0 a.m. | 34 views

CVE-2022-3793

Removed by vendor...

CVSS 5.3 | AI score 6 | EPSS 0.00537
Exploits: 0

Debian CVE
added 2022/11/09 12:0 a.m. | 34 views

CVE-2022-3819

Removed by vendor...

CVSS 4.3 | AI score 5.8 | EPSS 0.00426
Exploits: 0

Debian CVE
added 2022/11/09 12:0 a.m. | 19 views

CVE-2022-3706

Removed by vendor...

CVSS 4.3 | AI score 5.8 | EPSS 0.00508
Exploits: 0

Debian CVE
added 2022/11/09 12:0 a.m. | 24 views

CVE-2022-3280

Removed by vendor...

CVSS 6.1 | AI score 6.3 | EPSS 0.00523
Exploits: 0

CVE
added 2022/11/09 12:0 a.m. | 100 views

CVE-2022-3483

CVE-2022-3483 affects GitLab CE/EE: vulnerable in all versions starting from 12.1 up to 15.3.4, all 15.4.x before 15.4.4, and all 15.5.x before 15.5.2. The issue allows a malicious maintainer to exfiltrate a Datadog integration access token by altering the integration URL so that authenticated re...

CVSS 5.5 | AI score 5.2 | EPSS 0.0065
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2022/11/09 12:0 a.m. | 23 views

CVE-2022-2761

An information disclosure issue in GitLab CE/EE affecting all versions from 14.4 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to use GitLab Flavored Markdown GFM references in a Jira issue to disclose the names of resources they don't have access to...

CVSS 4.3 | AI score 5.4 | EPSS 0.00664
Exploits: 0 | References: 3

OSV
added 2022/11/09 12:0 a.m. | 16 views

CVE-2022-3819

An improper authorization issue in GitLab CE/EE affecting all versions from 15.0 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a malicious user to set emojis on internal notes they don't have access to...

CVSS 3.5 | AI score 4.2 | EPSS 0.00426
Exploits: 0 | References: 4

OSV
added 2022/11/09 12:0 a.m. | 18 views

CVE-2022-3483

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 15.3.5, all versions starting from 15.4 before 15.4.4, all versions starting from 15.5 before 15.5.2. A malicious maintainer could exfiltrate a Datadog integration's access token by modifying the...

CVSS 5.5 | AI score 5 | EPSS 0.0065
Exploits: 0 | References: 5

OSV
added 2022/11/09 12:0 a.m. | 19 views

CVE-2022-3793

An improper authorization issue in GitLab CE/EE affecting all versions from 14.4 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to read variables set directly in a GitLab CI/CD configuration file they don't have access to...

CVSS 4.3 | AI score 4.9 | EPSS 0.00537
Exploits: 0 | References: 4